Kanye's upcoming album is a scam magnet, Kaspersky finds

3 years ago 333

"Donda" volition beryllium retired Aug. 26, and scammers are taking vantage of instrumentality anticipation by seeding the net with malicious fake downloads.

istock-1225375740.jpg

Image: iStock/Melpomenem

With Kanye West's latest album, "Donda," owed retired imminently, cybersecurity institution Kaspersky has taken the clip to analyse whether cybercriminals were taking vantage of the hype to dispersed malicious files, a la "Black Widow." It recovered that, portion the fig of scams wasn't huge, they bash beryllium and instrumentality respective antithetic forms.

It's casual to spot wherefore cybercriminals would people medium releases, movies, and different forms of highly anticipated media: It's casual to gaffe malicious codification into a download, and perchance conscionable arsenic casual to instrumentality idiosyncratic into giving up idiosyncratic details for a sneak peek. 

SEE: Security incidental effect policy (TechRepublic Premium)

In the lawsuit of Kanye's latest release, Kaspersky recovered fake downloads conscionable similar those recovered successful the days instantly preceding the merchandise of "Black Widow." Two peculiar adware files were named by Kaspersky, Download-File-KanyeWestDONDA320.zip_88481.msi and Kanye West _ DONDA (Explicit) (2021) Mp3 320kbps [PMEDIA] __ - Downloader.exe. 

Along with the accustomed fake downloads, Kaspersky besides noticed respective antithetic scam websites were utilizing assorted methods to instrumentality radical into clicking malicious links, providing idiosyncratic accusation and different being phished retired of invaluable idiosyncratic details.

In 1 example, Kaspersky said, "users person a nexus to download the 'album', and are asked to enactment successful a survey and corroborate they are not a robot." Upon completion, users are redirected to a website promising they tin marque wealth connected bitcoin. "Of course, the nexus to the medium ne'er appears, and if users autumn for the connection of becoming a bitcoin millionaire and participate idiosyncratic data, they whitethorn suffer their wealth and not get entree to the album," Kaspersky said. 

In speaking astir scams surrounding the "Black Widow" release, Kaspersky information adept Anton V. Ivanov warned that fraudsters and cybercriminals emotion to instrumentality vantage of hype and excitement astir media releases and the inattentiveness that galore radical person erstwhile trying to find a mode to spot (or hear) it first. 

"In their excitement, viewers go inattentive to the sources they use, and this is precisely what fraudsters payment from. These attacks are preventable, and users should beryllium alert to the sites they visit," Ivanov said. 

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

Kaspersky has respective further recommendations for those looking for tips connected staying harmless from online scams: 

  • Only entree contented from authoritative platforms similar Apple's App Store, Google Play, Spotify, Apple TV, etc. While these sites aren't wholly guaranteed to beryllium safe, Kaspersky said, they are checked and filtered, which reduces idiosyncratic risk.
  • Never click connected a nexus without checking the existent URL by hovering a cursor implicit it oregon long-pressing connected a mobile instrumentality to unfastened a preview.
  • Even well-designed phishing websites volition person tells, Kaspersky said. Links are often misspelled oregon redirected, truthful beryllium definite to look astatine URLs connected immoderate website you unfastened done an email oregon messaging link. 
  • Don't unfastened files you didn't expect to receive. If successful doubt, interaction the email sender to verify it was them who sent it.
  • Be definite that you person a trustworthy information solution installed that tin observe phishing and different perchance malicious content. 

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article