Fake Online Harry Potter Movies Launch Malware Attack

By Erik Larkin, PC World |  Security, Harry Potter, malware

If you happen to see a too-good-to-be-true offer to watch the latest Harry Potter movie online for free, watch out.

According to anti-malware software maker PC Tools, opportunistic crooks are using poisoned blog comments and dirty search engine optimization tricks to highlight lures such as 'Watch "Harry Potter and the Half-Blood Prince" online free. Clicking a link would take you to a post that would then attempt to fool victims into downloading and installing a "streamviewer" to see the movie, which is of course actually malware. Online crooks have used fake video codecs and viewers for years as a favorite social engineering tactic.

While you're at it, keep an eye out for malware-spreading e-mail that attempts to foist the "Zbot" Trojan onto victim PCs. The bad guys are using a variety of e-mails, including some that warn of a supposed critical update for Microsoft Outlook, or declare that you've received an eCard. TRACElabs has a number of screen shots of the fake e-mails in their post. Some e-mails link to a malicious download, while others link to it directly.

There are tell-tales in the e-mails for an astute surfer, but they're hidden behind a layer or two of obfuscation. For example, the displayed link to the fake Outlook update shows as http://update.microsoft.com/...., and checking the actual URL by moving your mouse over the link might initially look legit as well, until you notice that the real URL is http://update.microsoft.com.[fakedomain].com...

Such links are another favorite bad-guy tactic. To guard against all this evil social engineering, your best bet by far is to always send downloads and attachments to Virustotal.com (the site the pros use) for a free multi-engine malware scan before running them on your PC.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Ask a Question
randomness