Kaspersky identifies global scam activity linked to the release of Avatar 3

The premiere of Avatar 3 has taken place in several countries and has been accompanied by a noticeable increase in online interest. Amid the heightened attention surrounding the release, Kaspersky experts identified an increase in cyber-scam campaigns that exploit the movie’s launch and users’ desire to watch it online. The fraudulent websites target users across multiple regions, indicating attempts by attackers to reach a global audience.

The scam operates as follows: cybercriminals create suspicious websites that offer online access to the Avatar 3 movie. Attackers place particular emphasis on localisation, publishing the sites in multiple languages to attract users from different countries. However, the translations are often poorly executed and contain grammatical errors and inconsistencies, which may serve as indicators of fraudulent activity.

When users attempt to start the video, they are presented with a fake media player and prompted to register in order to obtain “full” or “unlimited” access to the film. As part of the registration process, users are asked to provide personal information, including an email address and mobile phone number.

At later stages, scammers may request additional data, including payment details, under the guise of activating a “free trial.” This creates risks of credential compromise, particularly if users reuse passwords across multiple services, and may also lead to financial losses.

“Cybercriminals consistently exploit major movie premieres to capture users’ attention and increase the effectiveness of their schemes. We advise accessing films only through official platforms and exercising caution when encountering websites that request personal or payment information. It is also important to use reliable security solutions to protect all devices, including mobiles,” said Olga Altukhova, Senior web content analyst at Kaspersky.

To avoid falling victim to these scams, Kaspersky advises users to:

• Check the authenticity of websites before entering personal data and only use official webpages to watch movies. Double-check URL formats and company name spellings.
• Always choose official and reputable streaming platforms to protect your personal data from theft and misuse. 
• Use a reliable security solution, such as Kaspersky Premium, that identifies malicious attachments and blocks phishing links. The quality of security solutions' phishing detection is annually evaluated by independent testing labs. For example, in 2025 and 2024 Kaspersky Premium achieved a 93% detection rate with 0 false positives in AV-Comparatives anti-phishing tests, and was awarded with the “Approved” certificate.
• Enable multi-factor authentication and monitor accounts: Activate 2FA on Apple ID and financial apps and regularly review statements for unauthorised activity.

BUSINESS REPORT