The company said the names of these sites were styled to appear genuine and contained plenty of data about Star Wars: The Rise of Skywalker to give the impression that they were kosher.
The practice of adopting names that appear to be genuine called black SEO and it allows criminals to promote phishing sites so that they appear at the top of search results, when people search for "name_of_film watch free" and the like.
To make the bogus website appear legitimate, the people behind them also set up Twitter and other social media accounts and used them to distribute links to the content. Kaspersky researchers said they had found that so far 83 users had been affected by 65 malicious files disguised as files of the film.
Screenshot of a fake Star Wars-related account on Twitter distributing malware-ridden files. Courtesy Kaspersky
"We advise users to not fall for such scams and instead enjoy the end of the saga on the big screen."
Apart from phishing, attackers also use files with names similar to those of films to spread malware.
"In 2019, Kaspersky detected 285,103 attempts to infect 37,772 users seeking to watch movies of the renowned space-opera series, signifying a 10% rise compared to last year," the company said.
"The number of unique files used to target the users amounted to 11,499 - a 30% drop on last year. The data shows that even years after the film’s premiere, a significant number of users will still seek to download malicious files in the hope of watching the famous space adventures free."
The company offered the following advice to fans:
- Pay attention to the official movie release dates in theatres, on streaming services, TV, DVD, or other sources;
- Don’t click on suspicious links, such as those promising an early view of a new film; check film release dates in the cinema and keep track of them;
- Look at the extension of any file you are planning to download. Even if you are going to download a video file from a source you consider trusted and legitimate, the file should have an .avi, .mkv or .mp4 extension among other video formats, definitely not .exe; and
- Check the website’s authenticity. Do not visit websites allowing you to watch a movie until you are sure that they are legitimate and start with "https". Confirm that the website is genuine, by double-checking the format of the URL or the spelling of the company name, reading reviews about it and checking the domains’ registration data before starting downloads.