As Winter Departs GoT Themed Fraud Springs Eternal

June 21, 2019

The popular HBO series, Game of Thrones (GoT) may have ended, but the scams targeting fans of the show continue to persist. With the final season garnering 17.4 million U.S. viewers (not to mention the rest of the world), there is a very large target for scammers who aim for that bullseye. In fact, per TorrentFreak, it’s the most common TV show to be used to disguise malware. Multiple fake websites using the GoT theme have popped up claiming to sell merchandise, give away tickets to events, and other various lures that can catch out unsuspecting fans.

Scams like this are not new. They often pop up when there is a big event happening such as the World Cup, the Olympics, or the GoT finale. But these latest scams specifically make their way into the fan communities. With all the excitement, they anticipate a lot of clicks by those die-hards. Instead, the clickers just give up personal details such as email address, payment card numbers, and information about the mobile devices.


If you do want to grab that merchandise from an online shop or enter a sweepstakes, pay close attention to the URLs. Look for typos and numbers disguised as letters--such as a number 1 in place of a lower case “L.” Rather than clicking a button on an ad somewhere, hover the mouse pointer over the ad and see where it goes. If it is even the slightest bit suspect, skip it. Rather than take a chance, try going to HBO’s official fan shop. It’s a safer choice.

The main point is to be 100% sure where you’re going before entering any details or clicking links or attachments. Beware of downloading any apps from anywhere other than the official app store for your device. Often, these little tricks are hidden inside apps that are sideloaded instead.

And never enter payment details into a website that is not preceded by “https:” no matter what. Remember the new standard is that the entire website name is in front of the “https” now.

Check Point made list of known scams and fake and malicious sites targeting GoT fans. Several are listed below, but make no mistake, there are others and probably some that haven’t been discovered as fraudulent yet. Notice that these have a backslash () before the dot. It isn't legitimately in the domain name and put there probably to break the address. If you see these URLs in other places, that backslash may not be there, so use caution when/if you see them and don't click!

Stickley on Security
Published June 20, 2019