New James Bond Movie is Cybercriminals Shiniest Phishbait

James Bond PhishbaitCybercriminals are using the new James Bond movie, No Time to Die, as phishbait, the National reports. Researchers at Kaspersky warn that malicious ads and phishing sites are claiming, falsely, to offer free access to the full movie. The sites display the beginning of the movie, and then ask users to enter their credit card information to continue watching.

“When users visit a website in the hope of watching the long-awaited No Time to Die movie, they will be asked to register their details after seeing the first few minutes of the latest film,” The National says. “During the registration, victims would be required to enter their credit card information. However, after registration is complete, the user might not be able to continue watching. Money is debited from their card and the payment data ends up in the fraudster’s hands.”

Tatyana Shcherbakova, a security expert at Kaspersky, stated that phishing campaigns commonly use popular movie releases as phishing material.

“With the premieres of new films and TV series moving online, this has fuelled interest not only for cinephiles but also among scammers and fraudsters. Inevitably, such a long-awaited premiere as ‘No Time to Die’ causes a stir,” Shcherbakova said. “Users should be alert to the pages they visit, not download files from unverified sites and be careful with who they share personal information.”

The National offers the following recommendations to help users avoid falling for these attacks:

  • “Avoid links promising early viewings of films or TV series. If you have any doubts about the authenticity of the content, check with your service provider.
  • “Check the authenticity of website before entering personal data. Only use official, trusted webpages to watch or download movies.
  • “Pay attention to the extensions of files you are downloading and check the spellings of company name.
  • “Use a reliable security solution that identifies malicious attachments and blocks phishing sites.”

New-school security awareness training can teach your employees to follow security best practices so they can thwart social engineering attacks.

The National has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews