Multiple cyber risks posed by counterfeit digital content sites

By Ideas Matter

Websites offering internet users counterfeit games software, music, films or television programs regularly provide unwanted ‘extras’ in the form of computer malware, trojans and other programs designed to collect passwords, credit card details and other personal and confidential information.

These are the findings of the recent study by the European Intellectual Property Office (EUIPO), working with the United Nations Interregional Crime and Justice Research Institute (UNICRI) and EUROPOL, entitled Identification and Analysis of Malware on Selected Suspected Copyright-Infringing Websites.

The study found over 4,000 files (200 GB of data) containing malware or other potentially unwanted programmes on more than 1,000 websites suspected of sharing illegally protected content. 

One hundred different pieces of malware were found, often marketed as being useful user software, including fake game installers and free programmes that promised to let users access and stream pirated content. However, these programs were designed to lure users into sharing or otherwise gave hackers access to credit card details, social network logins or other personal data on the user’s computers and other devices.

“Our findings are important for all online users, of whatever age, as they highlight the inherent dangers in copyright-infringing sites,” said Christian Archambeau, Executive Director of the EUIPO. 

Ideas Matter spoke about the report and related cybersecurity risks with Juan Hardoy, Assistant General Counsel of Microsoft and Director of its Digital Crimes Unit for Europe, the Middle East and Africa.  Microsoft has long been involved in actively investigating cyber breaches, botnets, phishing and similar problems, not only those related to illegal copies of software but more generally in protecting against digital risks and fraud, safeguarding data and personal information, and helping vulnerable populations.  The company provides a regular Security Intelligence Report and other education, awareness and assistance to government and private-sector users in trying to deal with such cyber issues.

According to Hardoy, “Cybercrime like this is getting more common and more complicated.  Not only malware but phishing scams are on the rise. These activities are common because they scale.”

Every user will be affected in some way by this activity, according to Hardoy.  “This is a growing problem, but we can mitigate and reduce it through awareness and public and private sector education. You need to be able to identify genuine from non-genuine, and recognise scams, phishing and malware risks.”

Hardoy’s advice for avoiding malware from content sites?  “Get software and other content from recognised, reputable sources.  If prices look too good to be true, they probably are!”

The EUIPO’s full report can be found here, and its summary press release here.  Microsoft information on recent cyber threats, information on dealing with such threats and other related information can be found here