This week’s scam post is a little different. In a nod to the final series of Game of Thrones, we decided to take a look at a scam involving that most beloved of TV shows (as well as a few others). Shows like Game of Thrones are extremely popular. The finale of season 7 saw viewing figures of 16.5 million. In fact, TV shows are becoming more popular than Hollywood Movies because of our love of binge watching our favourite shows.
Of course, this has not been lost on cybercriminals ever vigilant for a golden opportunity to carry out their scams. In a recent and very interesting report by security firm, Kaspersky, they found that popular shows like GOT are being used to carry malware straight into our living rooms.
Paying the Iron Price for Freebies
Before I start, be aware, this scam is propagated by pirated TV show content. The malware infections discussed here are not caused by playing a show on Netflix or Prime. But pirated TV shows and movies are pretty popular. If you think illegal downloading is a niche thing to do then you may be surprised by the 1 billion downloads or streaming’s of season 7 Game of Thrones.
The Kaspersky analysis shows that Game of Thrones was the most malware infected of all pirated TV shows. In 2018, 126,340 users, globally, were infected through this route – 22% of them via Game of Thrones.
If you think, “No worries, I don’t like Game of Thrones, too gory” well the scammers like all the same TV shows you like too. As well as GOT, the other malware-ridden shows included, The Walking Dead, Arrow, Suits, and Vikings.
The Types of Malware and Routes to Infection
The most prevalent type of malware to infect users in this scam is a Trojan. Trojan’s are behind data leaksand other data-related nefarious actions. In this pirated TV scam, the Trojan was packaged to look like a Game of Thrones download file. It was delivered either through an email or an illegitimate website. Once the hopeful watcher clicked to open the file, the Trojan would execute and infect their computer. The aftermath, a little like being a guest at The Red Wedding of GOT episode 9, season 3.
Adware and Downloaders
These types of programs known as Potentially Unwanted Programs or PUPs and are often referred to as ‘grayware’ also found their way into pirated TV shows. PUPs are often thought of as being less dangerous than other types of malware. However, they may end up as conduits to other more malicious software.
Source: Kaspersky – infected Game of Thrones file
How to Avoid the GOT Scam
The best way to avoid this scam is to play fair and pay for legitimate content though known sources. If you do, for whatever reason, decide to download that free copy of the finale of season 8 of Game of Thrones, then at least use standard security awareness knowledge:
- Pay close attention to the source – note website URLs and email addresses. Phishing emails and spoof sites may look legitimate, but they often use slightly modified domain names.
- Take extreme caution when downloading files from unknown sources
- Do not click the link in an email promising you exclusive views of a new TV show
- Use anti-malware and/or antivirus software alongside cautious online behaviour and most of all be security aware
With the release of the final series, it is highly likely that this successful scam will continue to affect viewers. Don’t be like Ned Stark and end up duped by the cybercriminal equivalent of Littlefinger – Keep cyber-safe by being cyber-savvy.
For a full break down of the figures and analysis see the Kaspersky Securelist Blog post.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
The Game of Thrones and Other TV Shows Scam
This scam applies to pirated popular TV shows such as Game of Thrones, Suits and The Walking Dead amongst others.
Be very cautious about downloading seemingly free episodes of popular TV shows. They have been found to carry malware which will infect you machine if you download and access the files. Avoid pirated media content.
Don’t forget to share this with your colleagues and friends and help them stay safe.
Let’s keeping breaking scams!