Wednesday, 27 October, 2021 - 14:25

Squid Game has become Netflix's biggest TV series with more than 111 million viewers in the month following its release. But this has also meant cybercriminals are starting to take advantage of fans’ eagerness to watch the show, with well-known fraud schemes hitting the web.

From September to October 2021, Kaspersky experts found several dozen different malicious files on the web which mention ‘Squid Game’. Here are some of the scams they found:

- Trojan malware: One scheme shows you an animated version of the series’ first game, while simultaneously launching Trojan malware onto your device. A shortcut is also created so every time you start the system, the same Trojan is launched. This Trojan is a type of malicious code or software that can take control of your computer, and it can steal data from your browsers and send it back to the attackers' server.

- Mobile malware: Another scheme detected is an app pretending to let you download an episode of Squid Game, but instead it downloads a Trojan onto your device. The Trojan is distributed in unofficial app stores and various portals under the guise of other popular applications, or even games and books.

- Squid Game suits for sale: With Halloween around the corner, many Squid Game related fake stores are starting to appear offering costumes just like players wore in the series. These stores falsely position themselves as official stores. If you buy something from them, you’re not only risking losing your money and not receiving the merchandise but you could end up sharing your banking and personal identity information with cybercriminals.

- Enter Squid Game online…and lose your information: Several pages are offering players a chance to compete in an online version of Squid Game to win a prize of 100 BNB (Binance coin). Needless to say, players never receive the promised reward and end up losing their data or downloading malware.

"Squid Game becoming a new hit lure was just a question of time. As with any other trending topic, cybercriminals have a good hunch about what is going to work and what isn't. It’s extremely important for users to check the authenticity of websites when looking for a source to stream the show or to buy some merch," comments Anton V. Ivanov, security expert at Kaspersky.

To avoid falling victim to malicious programs and scams, Kaspersky advises you:

- Check the authenticity of websites before entering personal data and only use official webpages to watch or download movies. Double-check URL formats and company name spellings.

- Pay attention to the extensions of files you are downloading - a video file will never have an .exe or .msi extension.

- Avoid links promising early viewings of content, and if you have any doubts about the authenticity of content, check with your entertainment provider.

- Use a reliable security solution that identifies malicious attachments and blocks phishing sites.

An example of phishing page offering to buy Squid Game merch

An example of a phishing page offering to play Squid Game online to win 100 BNB