Scam sites offering fake streams of new James Bond movie – CNET

bond-25-b25-39456-rc2-091520-rgb

James Bond (Daniel Craig) and Paloma (Ana de Armas) in No Time to Die.


Nicola Dove/MGM

Cybersecurity researchers are warning of fake streams of the new James Bond movie that are designed to infect user devices and steal their personal information.

In the lead-up to the release of No Time to Die, researchers for Russian cybersecurity firm Kaspersky discovered and analyzed several malicious files disguised as the movie. While it appears that few people have tried to download the files so far, researchers say the malware includes particularly dangerous Trojans designed to both gather login credentials and create backdoors into users’ computers. The researchers also found adware and ransomware masquerading as the film.  

In addition, the researchers found a number of phishing websites offering streams of the movie. After watching the first few minutes of the film, users were asked to register to continue watching and asked to enter their credit card information. But after registration is complete, Kaspersky says the user can’t continue watching. Charges are made to their card and the cyber criminals get the card information to potentially use for more fraud down the road.

Tatyana Shcherbakova, a security expert at Kaspersky, says that movies have long been an attractive lure for cyber criminals looking to spread malware and draw traffic to phishing sites. The move of many movie premieres to legitimate streaming sites has only boosted that. 

And cyber criminals are eager to capitalize on long-awaited premieres of movies like No Time to Die, she says.

“The audience is in a hurry to see the movie, causing them to forget about internet security,” Shcherbakova says in a statement. “Users should be alert to the pages they visit, not download files from unverified sites and be careful with who they share personal information.”

Kaspersky also recommends that consumers pay attention to the extensions of files they are downloading. For example, a video file will never have a .exe or .msi extension. And, of course, it recommends using security software, such as its own Kaspersky Security Cloud, which identifies malicious attachments and blocks phishing sites.

Leave a Reply

Your email address will not be published. Required fields are marked *