The Game of Thrones, complicit with the release of the eighth and final season, is back to being trending topic. Hackers are also trying to take advantage of it
What hackers and cybercriminals of various kinds won’t do to collect our personal data or send us a nice phishing email! And what an imagination they have in coming up with ever new ploys to do it. The last one, for example, leverages on the huge wait for the last season (the final one) of Game of Thrones. GoT fans, in fact, are the target of the latest series of online scams uncovered by Check Point Software Technologies’ research team.
The Games of Thrones logo and brand rights have been licensed to several sites, which are officially and effectively authorized to use them to sell merchandise, or to offer services related to the popular American TV series (such as online games). But, next to these official sites, according to Check Point, an infinite number of absolutely unauthorized and, in most cases, malicious sites are springing up like mushrooms. Through these sites, which are difficult to distinguish from the legitimate ones, fans of the Iron Throne are induced to surrender their data or even to download software containing viruses or other malicious codes. Here’s how the scam works.
How the Games of Thrones scam works
The Game of Thrones scam is, in essence, a classic phishing scam. It’s done well, though, because the official graphics are faithfully reproduced and the malicious sites look like the real official sites, because they are well-made. Everything starts from an e-mail that, for example, invites the fan to participate in an online contest whose final prize is a special gift box of GoT merchandising products.
Obviously it is absolutely not true: the fan who clicks on the scam e-mail is sent to a scam site where he is asked to leave his name, surname, phone number, e-mail address and company. All fields must be filled in to participate in the contest and there is even a fake card with the terms and conditions. There is even a checkbox to receive further communications about new online contests related to the TV series. Unfortunately, it’s all fake – there’s no prize to be won, and those who take the bait are just giving away their personal data, which will be used for some spam campaign in the future. Other versions of the scam are even worse, because they require you to download software in order to participate in the contest. Guess what that software contains? A cool virus.
How to defend yourself against the Game of Thrones scam
Even in the case of this Games of Thrones-themed online phishing scam, the recommendations to avoid giving away your data or downloading viruses are still the same, valid for all phishing attempts:
1) Never click on links you receive via email, unless you know who’s sending them to you
2) Double-check that the Web address of the site you would like the link to send you to begins with “Https” and not just “Http”. To do this, just bring the mouse over the link, without clicking: you will see the destination address of the link
3) Inside the address, right after Http or Https, check the domain name: if it is not exactly what you would expect, in fact, it is very likely that it is a site created for the scam and not the official GoT site
4) Even before all this, install a good antivirus software, which also checks your e-mails.