Skip to content

2013 Press Release

Hundreds of Fake Iron Man 3 Streaming Sites Emerge in Recent Internet Scam

Fraudulent Surveys on Facebook Helps Crooks Earn Money

[Taipei, 9 May, 2013] With the current hype around the third Iron Man sequel, the leading global security company, Trend Micro Incorporated (TYO:4704), found hundreds of websites emerge on the Internet claiming to stream the box office hit. Once visited, these sites required users to download a video installer that would not play the aforementioned film, but may instead leave those affected vulnerable to malware. Furthermore, social media platforms like Facebook and many well-known blogs also allowed scammers to further spread “Free Iron Man 3 Streaming Video" websites to draw users into taking surveys that generated financial gain for the said scammers.

TrendLabs noticed the false Iron Man 3 websites even before the film’s official release in the United States. Most of the sites used popular blog providers (half of the fake Iron Man 3 sites found used Tumblr) to lead users to the disguised Iron Man 3 streaming or download pages.

Figure 1. Half of the fake Iron Man 3 sites we found used Tumblr

Based on TrendLabs’ analysis, the video player downloaded is said to be “a legitimate video player." However, this particular video player has been known to display aggressive ads in the past, and these legitimate files could easily be replaced with malware at a later time. Thus, it won’t be a complete surprise to find a malware-hosted Iron Man 3 streaming and download webpage anytime soon.

Unsurprisingly, some scammers also used Facebook to spread supposed free Iron Man 3 movie streaming links. But once users click the link, they are redirected to several web pages with survey scams, and their Facebook contacts spammed with the same post. Similar ruses TrendLabs documented in the past include the “Facebook Profile Viewer" and a survey scam under the veil of the much talked-about Google Glass competition.

Figure 2. Screenshot of webpage leading to survey scam

None of these sites led to the actual advertised movie. Some of these sites, however, asked users to register and to include their credit card number, which is highly suspicious.

“Summer blockbusters like Iron Man 3 are typical cybercrime baits because they have been effective in tricking users into visiting shady websites," Paul Oliveria, Security Focus Lead of Trend Labs, Trend Micro Incorporated, mentioned. “Because of the clever use of social engineering tactics, users may end up falling into the bad guys’ traps. Thus, it is important to be aware of how social engineering works and be conscious of what you click and share on your Facebook and other social media accounts" Paul said.

Trend Micro blocks the related sites and domains related to this threat. For further information on this, please check:

Connect with us on