Game of Thrones returned to television after a hiatus of nearly 19 months for its final season early this week. The season saw its biggest viewership yet as fans were eager to see the great war where the Starks, Targaryens fight the White Walkers. While the show has seen a lot of interest among viewers across age groups, its theme dubbed “Winter is Here” has been used to engage in number of phishing scams as well. Now, a research blog from Check Point Research shows the number of malicious activities being conducted to take advantage of the fans. Also Read - PSA: WhatsApp scam is asking users for their verification codes and it's fakeAlso Read - Microsoft says attackers using Excel for phishing campaign
The report notes that the websites designed to target Game of Thrones fans can be split into two main categories – legitimate or fraudulent websites. Both the categories seem to target fans, mostly the unsuspecting ones. One of the examples found out by Check Point Research involves a site that uses official branding of the show and poses as a legitimate competition for fans. The site claims to give special gift pack of GoT merchandise. “There is however, no such prize and the site instead collects as many email and mobile phone details as possible that could possibly be used in future spamming campaign,” the researchers note. Also Read - Apple and Netflix are the most imitated brands for phishing attack during COVID-19 lockdown: Check Point Research
In another example, a site was dishonestly collecting credit card details of users by posing as an official Game of Thrones merchandise store. The legitimate websites include fan pages, online games or small shopping sites looking for potential customers whereas the fraudulent websites exploit the popularity of GoT branding to display ads, acquire personal information of users. According to Check Point Research, the fraudulent sites “mostly include sites requesting personal information for marketing opportunities, and fake streaming sites, requesting the user to download a browser add-on and provide personal information, while no streaming content is displayed at the end of the process.”
How to protect against GoT-based phishing scam
1. It is recommended that you think before you click. While clicking on links on trusted sites should be totally fine but the links that appear in random emails and instant messages may not end well. It is also advisable to hover over links that you are unsure of before clicking on them. This will tell you the link will lead to where you are expecting.
2. Always make sure if a site’s URL begins with “https” and there is a closed lock icon near the address bar.
Watch: Xiaomi Redmi Note 7 Pro First Look
3. Also check if the site’s domain name is the site you are expecting to visit and trust. If it is not then you could be about to become the next victim of a phishing scam.
4. All computer users are recommended to make sure they have an advanced threat prevention solution installed that will prevent against such phishing attacks.