New phishing attack targets Avengers fans

Avengers fans, beware! Scammers are are promising full movie downloads of the Marvel Blockbuster, in a new kind of phishing attack.

The scam resembles most other attacks: Users are promised free content and fans are assured either a download or a full view of the film. Streaming begins as usual, but then users are prompted to create an account in order to continue watching, says a Kaspersky Lab blog post.

Users are told they only need to enter an email address and password, but when they do so, they are prompted to enter billing information that “will not be charged.” Unsuspecting, hardcore Avengers fans who unwittingly provide the details, find that they have just given away their email address, a password that they may be using elsewhere as well, as well as their credit card information.

Cyber security experts are of the opinion that a much loved movie franchise with a huge fan base, is the perfect target for a phishing scam. Attackers prey on the emotions of the people, who are willing to take few security shortcuts to watch a long awaited movie.

The solution for this is to be always on the lookout for red flags such as an https in the web URL. Also, do not part with sensitive information such as passwords, credit card numbers or financial information, so that users say safe at all times.