In 2021, users have been served more video on demand content than anyone could ever imagine, yet most of us have that one show where we eagerly anticipate new episodes. For many, it is Rick and Morty, a dark adult cartoon, the fifth season of which kicked off yesterday (20 June 2021).
Cybercriminals are not shy of taking advantage of fans’ eagerness to watch the show, with well-known (yet, somehow still effective) fraud schemes hitting the web.
To get a clearer picture of how cybercriminals try to monetise viewers’ interests, Kaspersky experts analysed malicious files disguised as Rick and Morty episodes in different languages, as well as sitcom-related phishing websites designed to steal users’ credentials.
Analysing files distributed from June 2020 to June 2021, the company’s experts have seen that fraudsters interested in Rick and Morty is consistent. In fact, Kaspersky researchers found about 350 files disguised as the popular show, which all distributed various types of malware – including exploits and sophisticated ransomware.
Kaspersky experts also found a number of phishing websites designed to steal viewers’ credentials. In the hope of watching new episodes of their favourite show, Rick and Morty fans were redirected to other resources to enter personal data.
To make the page more believable, scammers showed the first few minutes of the show, after which, users were asked to register by entering personal data and bank card details. After some time, money was debited from the card, and as expected, the episode did not continue to play.
“Cybercriminals are always looking for opportunities to benefit from users’ interest in sources of entertainment,” comments Kaspersky security expert Mikhail Sytnik. “For many years, we observed fraudsters creating fake pages offering to stream or download popular movies and shows – which are especially attractive when the piece of content has been long awaited.
“When searching for a new episode of your favourite series it is important to remember the basic rules of digital hygiene. We advise users to check the authenticity of websites before entering personal data and use only official webpages to watch films, series’ and shows.”