Iron Man just made almost a hundred million dollars during its opening weekend in the US. Yes, summer movie season has just kicked in. You know, that time of the year (even if one’s not in the said country) when all the big blockbuster flicks are jockeying for the “box office hit” title. Almost every week there a new highly anticipated film or sequel (or the now-overused term “threequel”) opens in theaters, much to the delight of moviegoers and, in some cases, cyber criminals as well.
The use of movies as a social engineering bait by hackers is not new; in fact, it has sort of become a tradition that one has to expect every year. So while reading Entertainment Weekly’s “fearless” predictions for the season, we decided to come up with predictions of our own. Only this time we’re calling them “fearful” predictions, mainly because these are the types of predictions we hope would not come true.
1. Spammers and phishers will lure potential victims with raffle entries for tickets or merchandise. In 2005, Revenge of the Sith became the bait of choice of a Yahoo! phishing attack. Last year, spammers sent a supposedly short survey related to The Simpsons Movie in an attempt to gather email addresses. It will not be surprising if a similar tactic pops up this year, just in time when the anticipation for movies like Sex and the City or the X-Files sequel reaches fever pitch. After all, in the gaming arena, it has already happened with the release of Grand Theft Auto IV.
2. At least one malware will pose as an “exclusive” trailer, free movie passes for the premiere, or the “uncut version” of a movie. Unfortunately one has to download the “codec” or the “raffle entry form” first.
3. The official site of one movie will get compromised. Or a high-traffic fan site or blog, for that matter. Users who would want more information about a particular flick (show times, reviews, etc.) will click on the compromised page, where a slew of malware will be downloaded onto the unknowing victim’s computer.
Then again, with the ongoing trend of SEO poisoning and creating fake pages from scratch (which are laden with spammy links and keywords), users only need to Google a keyword in order to get infected. Speaking of SEO poisoning…
4. “Heath Ledger” will be once again a good keyword for poisoned pages. As the buzz surrounding the actor’s portrayal of The Joker in the upcoming The Dark Knight grows louder — some already claim it’s his finest role yet worthy of a posthumous Oscar — whose interest won’t be piqued?