“The Malware-tanian”: Hidden threats behind BAFTA-nominated films

Awards season is in full swing and this weekend the 74^th annual BAFTA Awards is set to take place at the Royal Albert Hall in London. However, recent research from Kaspersky has revealed that films are not only sources of entertainment, but also attractive lures for cybercriminals to spread threats, phishing pages and spam letters. As a result, on the eve of such an important industry event, it has become a source of interest for cinephiles, film buffs, scammers and fraudsters alike.

To get a clearer picture of how cybercriminals seek to monetise viewers’ interests, Kaspersky experts have analysed malicious files behind nominated films, as well as movie-related phishing websites designed to steal users’ credentials.

The Best Film nominees being studied

Since March 2020, Kaspersky observed that 106 users were subjected to infection attempts using files with various threats disguised as best film nominees. Researchers found that “The Mauritanian” was the most popular bait among cybercriminals, with 22 malicious users in total. “Nomadland” and “Promising Young Women” were joint second in this rating, with 17 infected users each.

The number of unique users targeted by malware associated with nominated films

In addition, Kaspersky researchers discovered 83 files targeted with malware associated with nominated films. “Promising Young Women”, “The Mauritanian” and ‘The Trial of Chicago” all received the highest number for most targeted file, with 15 subjected to malware in total. “Limbo” and “Mogul Mowgli” were safer in comparison to the nominees listed.

The percentage of unique files targeted by malware associated with nominated films

Kaspersky experts also found phishing pages in Chinese for BAFTA-nominated Nomadland.

A phishing website related to Nomadland

“Films have always been popular baits to spread threats and perform phishing campaigns. Today we have discovered some interest from threat actors around the most popular films at that moment, like The Mauritanian and Promising Young Woman. It appears that these popular films are attracting not only viewers around the world, but also cybercriminal interest,” comments Kaspersky security expert Anton V. Ivanov.

In order to avoid falling victim to a scam, Kaspersky advises that users:

• Check the authenticity of websites before entering personal data and use only official webpages to watch films, series’ and shows. Double-check URL formats and company name spellings.
• Pay attention to the extensions of the files that you are downloading. A video file will never have an .exe or .msi extension.
• Use a reliable security solution Kaspersky Security Cloud that identifies malicious attachments and blocks phishing sites.
• Avoid links promising early viewings of content, and if you have any doubt about the authenticity of content check it with your entertainment provider.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.