Spider-Man Film Release Hype Bites Fans with Credit-Card Harvesting!

Spider-Man Film Release Hype Bites Fans with Credit-Card Harvesting!

Attackers are using the excitement over the new Spider-Man movie to steal bank information & spread malware.

Fri’s release of ‘Spider-Man: No Way Home’ is the 1st ‘post-pandemic’ premiere to really have all the Hollywood blockbuster elements: superheroes, Zendaya, a good dose of comic book nostalgia — even its own phishing fraud.

Spread Malware

Researchers at Kaspersky warned that the release of ‘Spider-Man: No Way Home’ is being used by cyber-criminals to spread malware & steal banking information.

“Fans’ expectations are through the roof right now, arguably higher than for any film,” Kaspersky’s Tatyana Shcherbakova explained in a statement. “Everyone who has ever been a fan of Spidey has their own theories about the films, which can be exploited by cyber-criminals.”

Prime Targets

It is hardcore Spider-Man fans, desperate to the first to see the movie or get inside information about it, who are prime targets for fake promises of an early look at the film or offers to sign up for other access to the superhero’s universe, Kaspersky’s researchers warned.

Kaspersky revealed that some of the Spider-Man phishing sites use fan art of the film’s stars to try & catch the attention of the most obsessive followers of the franchise:

Banking Information

Some phishing sites asked for banking information in exchange for downloading sneak previews of the movie, which turn out to be malicious video files. If accessed, the videos are filled with adware & trojans, some able to gather & modify device data, the Kaspersky researchers reported.

“Forgetting about cyber-security, the audience is in a hurry to find out the secrets of the movie premiere, & fraudsters are using fan art & trailer cuttings as bait to make victims download malicious files & enter banking details,” Shcherbakova outlined.

Spidey Sense Tingling?

High emotion & excitement are key to the success of phishing campaigns. Anytime a lure can illicit an emotional response, the more likely a victim is to click.

Emotions around the premiere of the latest instalment in the Spider-Man franchise have already been running hot, making it better than most pop-culture events for cyber-baiting. In the runup to the film’s release, social-media controversies were easy to find.

Spoilers

Days before the ‘No Way Home’ premiere, “Deleting Twitter” started trending on Twitter as fans announced they were leaving the platform to avoid spoilers before they could see the move themselves.

Like this:

The real spoiler? ‘Spider-Man: No Way Home’ fans are being targeted, so ‘be careful’ out there.

Similarly, the real-life romance between No Way Home’s stars Zendaya & Tom Holland did not just trigger debate throughout the Spidey-universe, it also sparked a discussion over “short kings” dating taller women in the runup to the Fri. premiere.

Zendaya is reportedly several inches taller than Holland, & the 2 fielded questions about the height difference throughout the press tour that fans & fierce defenders of the couple labelled as “misogynistic.”

Social Media Army

Once again, Spider-Man’s social media army was ready to fight.

Cyber-criminals are easily able to hide their lures in this world of Spider-Man online activity, researchers explained. In fact, it provides cyber-criminals with an ideal environment to launch a successful phishing campaign.

Common sense is the best approach for defence: “We encourage users to be alert to the pages they visit & not download files from unverified sites,” Shcherbakova concluded.

 

SHARE ARTICLE