Phishers prey on fans of 'Star Wars: The Rise of Skywalker' film

Some users have already been affected by 65 malicious files disguised as copies of the latest Star Wars film, according to Kaspersky. Here's how to avoid being a victim of such phishing attempts.



May the force be with you as Star Wars: The Rise of Skywalker hits theaters this week. 

Researchers at cybersecurity company Kaspersky have found 65 malicious files disguised as copies of the latest and final movie in the trilogy. They have also found more than 30 phishing sites and social media profiles disguised as official movie accounts that supposedly distribute free copies of the movie, Kaspersky said.


In addition to spreading malicious files, the sites often collect credit card data, under the pretense of necessary registration on the portal, according to Kaspersky.

Hype surrounding the film franchise has been feeding this problem for much of the year, the company said. Overall, in 2019, Kaspersky researchers detected 285,103 attempts to infect 37,772 users trying to watch Star Wars movies, a 10% rise over 2018.

Films have become fertile soil for cyberattacks because they are one of the main forms of entertainment users try to access for free, Kaspersky said. Online streaming, torrents and other digital distribution methods often infringe upon content copyright, and yet, they remain a popular source of free content.

Torrent-trackers and illegal streaming platforms pose a threat to users' cyber safety, since they can host malicious files, masked behind the name of movie files in order to fool fans, according to Kaspersky.

How the process fools fans

The process works by copying the official name of a film and providing thorough descriptions and supporting content. The attacker then registers domains for websites that gather personal data and spread malicious files, and that dupe users into believing the site is in some way connected to the official film.

This practice, known as "black SEO," enables criminals to promote phishing websites high up in search engine results. These results often show up for search terms such as "name-of-the-film watch free," Kaspersky said.


To further support the promotion of fraudulent websites, cybercriminals also set up Twitter and other social media accounts, where they distribute links to the content. Coupled with malicious files shared on torrents, this brings the criminals results, the firm said.

So far, 83 users have already been affected by 65 malicious files disguised as copies of the upcoming movie, Kaspersky said.

"It is typical for fraudsters and cybercriminals to try to capitalize on popular topics, and Star Wars is a good example of such a theme this month," said Tatiana Sidorina, security researcher at Kaspersky, in a statement. "As attackers manage to push malicious websites and content up in the search results, fans need to remain cautious at all times. We advise users to not fall for such scams and instead enjoy the end of the saga on the big screen."

Tips to avoid becoming a victim 

Kaspersky recommends the following steps to avoid falling victim to malicious programs pretending to be popular films or TV shows:

  • Pay attention to the official movie release dates in theaters, on streaming services, TV, DVD, or other sources.
  • Don't click on suspicious links, such as those promising an early view of a new film.
  • Look at the downloaded file extension. Even if you are going to download a video file from a source you consider trusted and legitimate, the file should have an .avi, .mkv or .mp4 extension, among other video formats, definitely not .exe.
  • Check the website's authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with 'https.' Confirm that the website is genuine by double checking the format of the URL or the spelling of the company name, reading reviews about it, and checking the domain's registration data before starting downloads.
  • Use a reliable security solution for comprehensive protection from a wide range of threats.
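
The file-extension tip above can be automated. The following is an added example, not code from Kaspersky or the article: it flags a download whose name ends in an executable extension (including a double extension such as .mp4.exe) or whose first bytes do not match the video format its name claims. The list of risky extensions beyond .exe, the function names and the sample data are assumptions made for illustration.

```python
import os

VIDEO_EXTS = {".avi", ".mkv", ".mp4"}  # formats the tip names
# Assumed list of executable/script extensions, beyond the article's .exe
RISKY_EXTS = {".exe", ".scr", ".msi", ".bat", ".cmd", ".js", ".vbs", ".lnk"}

def sniff(head):
    """Classify a file by its leading bytes (magic numbers)."""
    if head[:2] == b"MZ":
        return "windows-executable"   # DOS/PE header
    if head[:4] == b"RIFF" and head[8:12] == b"AVI ":
        return "avi"
    if head[:4] == b"\x1a\x45\xdf\xa3":
        return "mkv"                  # EBML header used by Matroska
    if head[4:8] == b"ftyp":
        return "mp4"                  # ISO base media file format
    return "unknown"

def check_download(name, head):
    """Return a list of warnings for a file name and its first bytes."""
    warnings = []
    # Windows ignores trailing dots and spaces, so strip them first.
    base = name.strip().lower().rstrip(". ")
    stem, ext = os.path.splitext(base)
    inner = os.path.splitext(stem)[1]
    kind = sniff(head)
    if ext in RISKY_EXTS:
        warnings.append(f"executable extension {ext}")
        if inner in VIDEO_EXTS:
            warnings.append(f"double extension {inner}{ext} hides the real type")
    elif ext not in VIDEO_EXTS:
        warnings.append(f"unexpected extension {ext or '(none)'}")
    if kind == "windows-executable":
        warnings.append("content starts with MZ: Windows executable")
    elif ext in VIDEO_EXTS and kind != ext[1:]:
        warnings.append(f"content ({kind}) does not match {ext}")
    return warnings

# Constructed samples: (file name, first bytes of the file)
SAMPLES = [
    ("movie.mp4.exe", b"MZ\x90\x00\x03\x00\x00\x00"),
    ("movie.mkv", b"MZ\x90\x00\x03\x00\x00\x00"),
    ("movie.mp4", b"\x00\x00\x00\x18ftypmp42"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", check_download(name, head) or "no warnings")
```

A clean result only means the name and header agree; it does not show the file is safe, which is why the security-solution tip still applies.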
