In early July, S4 of one of the most long-awaited series, Stranger Things, was released. Despite a three-year break due to pandemic-related delays, the series was hotly anticipated and, once again, topped streaming charts. Unfortunately, the desire of ardent fans to see new episodes as soon as possible has been actively abused by fraudsters. Kaspersky researchers found numerous examples of spam emails and phishing pages designed to steal these fans’ money and personal information.
Even though new episodes have already been released, fans are still not safe, because not all of them choose to watch the series on the official site, Netflix. When users refuse to pay for a subscription to a streaming service and choose to watch a movie or show on an illegitimate page, they end up paying a heavier price than they are saving – losing their personal information and card data.
Taking advantage of the interest in this popular series, some cyber criminals have offered users the ability “to watch the new episodes for only $1.” To access this offer, ‘customers’ were asked to register a new account and enter their address and bank details. After entering their information, fraudsters then drained victims’ wallets, without the victims gaining access to the new season of their favourite series.
Cybersecurity experts have detected spam emails that abuse the popularity of Stranger Things. Such emails are used to sell products of dubious quality and are spread through promotional emails without the consent of the recipient. For example, in one of the spam emails, users were given the opportunity to buy limited-edition graphic t-shirts related to the new season of Stranger Things. The site supported all languages and all currencies for payment. It may not necessarily be a phishing page, but the fact that the ads for these products were promoted through spam and the domain itself was only recently created raises suspicions about the safety of buying from this page.
“The S4 finale was a roller coaster for many viewers, including myself, as a personal fan of the show. However, the painful and challenging ending has only stoked fans’ appetite for more, with excitement already brewing for Stranger Things S5. And as we know, where there is audience demand, scammers will always try to cash in. We can therefore expect that cybercriminals will soon start to actively exploit the popularity of this last season. The danger for users remains as urgent as ever. Fans need to be careful as trying to save money on a streaming service subscription can lead to them losing much more than they could ever save,” comments Olga Svistunova, a security expert at Kaspersky.
To avoid falling victim to scams, users need to:
- Avoid links promising early viewings of films or TV series. If you have any doubts about the authenticity of the content, check with your entertainment provider;
- Check the authenticity of the website before entering personal data, and only use official trusted web pages to watch or download movies. Double-check URL formats and company name spellings;
- Pay attention to the extensions of the files you are downloading. A video file will never have a .exe or .msi extension;
- Use a reliable security solution that identifies malicious attachments and blocks phishing sites.