What hackers and cybercriminals of various types wouldn’t do to collect our personal data or send us a nice phishing e-mail! And what a fantasy they have to find new ways of doing it. The last, for example, relies on the enormous waiting for the last season (the final one) of Game of Thrones. Indeed, GoT fans are the target of the latest series of online scams discovered by Check Point Software Technologies’ research team.
The Games of Thrones brand logo and usage rights have been licensed to various sites, which are officially and for all intents and purposes to use them to sell merchandising, or to offer services related to the hugely popular American TV series (such as online games). But, alongside these official sites, according to Check Point, an infinite number of sites that are absolutely unauthorized and, in most cases, malicious, are springing up like mushrooms. Through these sites, difficult to distinguish from legitimate ones, fans of the Throne of Swords are induced to cede their data or even to download software that contains viruses or other malicious codes. Here’s how the scam works.
How the Games of Thrones scam works
The Throne of Swords scam is, in essence, a classic phishing scam. But it’s done well, because the official graphics are faithfully reproduced and the malicious sites look like the real official sites, because they are well made. Everything starts from an e-mail that, for example, invites the fan to participate in an online competition whose final prize is a special gift pack of GoT merchandising products.
Obviously, it is not absolutely true: the fan who clicks on the fraudulent e-mail is sent to an equally fraudulent site where he is asked to leave his name, surname, telephone number, e-mail address and any company. All fields must be filled in to participate in the competition and there is even a fake form with terms and conditions. There is even a checkbox to receive further communications on new online competitions related to the TV series. In short, this time hackers have done a good job.
Unfortunately, it’s all fake: there is no prize to be won, the person who bites is just giving away his personal data which, in the future, will be used for some spam campaign. Other versions of the scam are even worse because they require you to download software to enter the competition. Guess what the software contains? A nice virus.
How to defend yourself from the Sword Throne scam
Even in the case of this online Games of Thrones phishing scam, the recommendations to avoid giving away your data or downloading viruses are always the same, valid for all phishing attempts:
1) Never click on links received via e-mail, unless you know who is sending them to you
2) Check that the web address of the site on which you would like to send the link to starts with “Https” and not only with “Http”. To do this, just move the mouse over the link, without clicking: the destination address of the link will appear
3) Inside the address, immediately after Http or HTTPS, check the domain name: if it is not exactly what you would expect, in fact, it is very probable that it is a site created ad hoc for the scam and not the official one of GoT
4) Even before this you install a good antivirus software, which also checks your e-mails,