Trend Micro: Beware Iron Man 3 ... streaming sites
By Digital News Asia May 9, 2013
- Hundreds of fake Iron Man 3 streaming sites emerge in recent Internet scam
- Fraudulent surveys on Facebook help crooks earn money, says info-security company
WITH the current hype around the third Iron Man movie, security company Trend Micro Inc said hundreds of websites have emerged claiming to stream the box office hit.
Once visited, these sites require users to download a video installer that would not play the aforementioned film, but may instead leave those affected vulnerable to malware, Trend Micro said in a statement.
Furthermore, social media platforms like Facebook and many well-known blogs also allow scammers to further spread “Free Iron Man 3 Streaming Video” websites to draw users into taking surveys that generate financial gain for the scammers.
TrendLabs noticed the false Iron Man 3 websites even before the film’s official release in the United States. Most of the sites used popular blog providers (half of the fake Iron Man 3 sites found used Tumblr) to lead users to the disguised Iron Man 3 streaming or download pages (click piechart to enlarge).
Based on TrendLabs’ analysis, the video player downloaded is said to be “a legitimate video player.” However, this particular video player has been known to display aggressive ads in the past, and these legitimate files could easily be replaced with malware at a later time, the company said.
Thus, it won’t be a complete surprise to find a malware-hosted Iron Man 3 streaming and download webpage anytime soon, Trend Micro added.
Unsurprisingly, some scammers also used Facebook to spread supposed free Iron Man 3 movie streaming links. But once users click the link, they are redirected to several webpages with survey scams, and their Facebook contacts spammed with the same post.
Similar ruses TrendLabs documented in the past include the “Facebook Profile Viewer” and a survey scam under the veil of the much talked-about Google Glass competition.
None of these sites led to the actual advertised movie. Some of these sites, however, asked users to register and to include their credit card number, which is highly suspicious.
“Summer blockbusters like Iron Man 3 are typical cybercrime baits because they have been effective in tricking users into visiting shady websites,” said Paul Oliveria, security focus lead of TrendLabs, Trend Micro Inc.
“Because of the clever use of social engineering tactics, users may end up falling into the bad guys’ traps. Thus, it is important to be aware of how social engineering works and be conscious of what you click and share on your Facebook and other social media accounts,” he added.
For further information on this, go here.
For more technology news and the latest updates, follow @dnewsasia on Twitter or Like us on Facebook.