Scammers exploit popular anime Demon Slayer: Kimetsu no Yaiba – The Movie: Infinity Castle’s release to steal personal, banking information
The new Demon Slayer anime movie recently premiered in several countries, but its debut has also led to a surge in scam activity where cybercriminals are exploiting users’ interest in the new film by luring them with the promise of free access to the anime.
Kaspersky experts have identified scam websites in multiple languages, indicating that attackers are seeking to reach a global audience by exploiting the film’s popularity.
The scam works as follows: attackers create fake websites that claim to offer free access to the new movie with voiceovers in the user’s native language.
However, when visitors attempt to play the video, a fake player appears, prompting them to register in order to supposedly gain access to the film and receive “unlimited access” to the platform’s content.
To register and continue watching the movie, users are asked to provide personal information, such as their email address and in some cases, a mobile phone number, in addition to creating a password.
Later steps of the fake registration request banking details under the guise of a “free trial,” putting users at risk of credential theft, especially if the same password is used across multiple accounts, leading to potential financial loss.
“We’ve seen that cybercriminals often try to profit from high-profile premieres such as Demon Slayer, exploiting the fan bases of popular franchises. We strongly encourage users to access content only through official platforms to protect their personal data and avoid financial harm,” said Kaspersky senior web content analyst Olga Altukhova.
To avoid falling victim to scams, users are advised to:
● Check the authenticity of websites before entering personal data and only use official webpages to watch or download movies. Double-check URL formats and company name spellings.
● Always choose official and reputable streaming platforms to protect personal data from theft and misuse.
● Use a reliable security solution that identifies malicious attachments and blocks phishing links. The quality of security solutions’ phishing detection is annually evaluated by independent testing labs.
● Enable multi-factor authentication and monitor accounts: Activate two-factor authentication on Apple ID and financial apps. Additionally, regularly review statements for unauthorised activity.
