Media and Entertainment

Fake Movie Streaming Sites Steal Payment Card Details

17 - 24 December 2019

An ongoing campaign is capitalising on the new Star Wars movie to lure victims to fake streaming sites that steal payment card data.

An ongoing campaign is capitalising on the new Star Wars movie to lure victims to fake streaming sites that steal payment card data. Highly popular films are often used as baits in social engineering attacks to distribute malware. In this campaign, over 30 fraudulent websites and social media profiles are disguised as official movie accounts distributing free copies of the film. These websites collected payment card details under the pretence of registration to access the movie portal. Cybercriminals also used social media to distribute links to the content. At least 65 malicious files, camouflaged as the movie, have been detected as containing malware. Users are advised to avoid clicking on suspicious links and to check the website authenticity before furnishing personal data and payment details.  

References:

The Sky-Rise of Droppers: Phishing and Malware Attacks Surface Amid Premiere of Famous Space Saga

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence