Attackers are exploiting the hype surrounding this year's Oscar Best Picture nominated movies to infect fans with malware and to bait them to phishing websites designed to steal sensitive info such as credit card details and personal information.
This method is the perfect way to get around movie fans' defenses seeing that many of them are willing to take down their defenses for a chance to get a free preview, especially given that the 92nd Academy Awards ceremonies are just around the corner on February 9th.
High-profile TV shows and films are frequently used as lures in social engineering attacks promising early previews either in the form of fake streaming sites or via malicious files disguised as early released copies.
Kaspersky researchers who discovered these ongoing attacks "found more than 20 phishing websites and 925 malicious files that were presented as free movies, only to attack the user."
"The uncovered phishing websites and Twitter accounts gather users’ data and prompt them to carry out a variety of tasks in order to gain access to the desired film," a press release published today says.
"These can vary from taking a survey and sharing personal details, to installing adware or even giving up credit card details. Needless to say, at the end of the process, the user does not get the content."