Threat Actors Leverage SEO to Spread Scam

Threat actors leveraged Search Engine Optimization (SEO) to promote a website designed to spread fraudulent software masquerading as Windows Movie Maker – free video editing software that was discontinued last January – in an attempt to bilk money from unsuspecting users. A Google search for “Movie Maker” returns windows-movie-maker[.]org – the fraudulent website hosting the fake software – as the top two search results. Once the software is downloaded from the fraudulent site, the user receives an alleged free trial of the Windows Movie Maker program. The user is then repeatedly prompted to upgrade to the paid version, offered at $29.95. If the user pays, the money is sent to the threat actors and the user never receives the legitimate software. By leveraging SEO, the scam website reached users around the globe, becoming the third most detected threat worldwide and the number one threat in Israel on November 5. ESET notified Google and Microsoft of the fraudulent website. The NJCCIC recommends all users review the ESET postonly download software from official and authorized sources, and refrain from using software that has been discontinued by its vendor. If you have already installed the Windows Movie Maker software offered through the aforementioned malicious website, uninstall it and run a reputable antivirus or antimalware program immediately.