A new phishing attack aimed at the Internet users of Per, this time the attackers pose as a well-known chain of cinemas and try to make the victims believe that they won 2 tickets.
To redeem them you have to download and print (in less than 24 hours: D) a supposed voucher that is actually a Trojan cineplanet.exe (VT 7/43).
The deception is quite convincing, in addition to impersonating the identity of the company, the URL that they use in the false message is camouflaged quite well, noting that it is actually a .org domain and not cineplanet.com.pe which would be the real domain of the movies; On the other hand, the executable file once downloaded is shown as a PDF document, which they achieve simply by changing the icon associated with the file:
On official Facebook the CinePlanet team has published a statement alerting customers to these scams, further clarifying that they never request the download or installation of files to claim any prize.
As always, you have to be careful with the received links and think twice before downloading!
Thanks @natorrante for sending!
See also: Enable Windows extensions for added security.