History may not repeat, but it definitely rhymes. Much like the deceptive unofficial Squid Game apps that were flooding the Google Play store just a few months ago, a new Spider-Man-themed phishing scam has been circulating peoples' emails just in time for the release of the new film.
This scam comes in the form of an email promising a sneak peek at Spider-Man: No Way Home, as long as you put your credit card information into the attached link. While this might seem obvious to some, this movie is a huge event, so the chance to see it makes the risk seem worth it for any mega fans out there.
Avoiding this scam is somewhat easy, even if you're tempted to click on everything related to Spider-Man in anticipation of his upcoming adventure. By being cautious and installing the proper software, you can avoid any sinister schemes from the people who are sending out these links.
What is the Spider–Scam?
While Avengers: Endgame is the highest grossing movie of all time, the anticipation for Spider–Man: No Way Home has been astronomically high, promising to weave together the past 20 years of Spider–Man's cinematic history. Millions of people have been desperately excited to see it, with their judgement possibly impaired by this desire.
Cue scammers looking to take advantage of this audience. Cybersecurity firm Kaspersky detected a lot of fraudster activity around the release of this film, stating:
“With the excitement surrounding the release of the newest Spider-Man film, the inattention of thrilled viewers is being abused by cybercriminals. The premiere of ‘No Way Home’ is no exception but an attractive lure to spread threats and phishing pages.”
The emails that are circulating are essentially well-constructed promotional emails (using official materials like logos and posters) telling users that they can see the movie for free, and even download it onto their computer, all by entering their credit card information into the email. Obviously, this doesn't work, and instead harvests people's credit card information for insidious purposes.
Why is the Spider-Scam dangerous?
It shouldn't be hard to see why a mysterious person or group harvesting credit card information is a bad thing. These groups can use this money for any number of shady transactions, and if the card entered was a debit card, reversing these charges can be next to impossible
Fortunately, there aren't many cases of people falling for this, so the specifics of the scam are still somewhat unknown. However, that means anyone who has fallen for it might not know what to expect.
If you think you've fallen victim to this scam or something similar, the best thing you can do to protect yourself is immediately contact your bank and cancel your card. It would also pay to keep an eye on your accounts over the coming weeks to make sure no unusual activity is going on.
How to Stay Safe Online
This scam is one of many, as phishing scams have seen a massive increase over the past couple of years. Outside of general caution and attention to detail, what can the everyday person do to avoid falling victim to such a scam?
One of the best ways to avoid such a trap is to install antivirus software. When given access to your email account, antivirus software can give every incoming email a quick scan and warn you of any suspicious links. Here are some of the best antivirus software options on the market.
In a more general online security sense, it's always a good idea to install a VPN. Using a VPN while browsing online is like wearing a mask in a public area. It will help you avoid detection, as well as any harmful third parties, like phishing scams or hackers. Here are some of the most secure VPNs on the market.
Another good idea is to use a password manager. Password managers help you stay on top of your various accounts and login information, meaning you won't have to rely on your memory, or storing them somewhere where they might be compromised. Here is a list of our favorite password managers.