When a film tops $1bn in global box office ticket sales and receives lots of hype, the scammers, fraudsters and opportunists inevitably jump on the bandwagon. Barbie is this summer’s biggest hit, turning the world pink, but it’s also providing fraudsters with the perfect avenue for a multitude of scams including malware attacks and misleading ads.

How Fraudsters Are Targeting Barbie Movie Fans

McAfee, the cybersecurity company, has identified several malware attacks leveraging Barbie including:

• Fake movie downloads: Where the consumer thinks they are downloading the movie but instead the .zip file they click on is full of malware. 
• Fake ticket downloads: Another tactic installs a relatively new form of malware called RedLine Stealer instead of the promised film tickets the consumer thinks they’re getting. 

RedLine Stealer is malicious software that captures sensitive information from victims’ web browsers, apps, messaging platforms and cryptocurrency wallets using a customisable file-grabbing function. It collects detailed data about the infected device, including its software, antivirus tools and active processes. This malware can also execute complex ransomware attacks. Essentially, RedLine Stealer operates as a remote access trojan, sending stolen data to hackers who then sell it on dark web forums.

Misleading Ads Exploiting Barbie Fans

The Barbie movie is not only being used by scammers to initiate malware attacks, in the mVAS space misleading ads are using the film to trick consumers into subscribing to content and other services they don’t want. 

MCP’s ad monitoring platform, MCP SCANNER, has discovered several ad campaigns using the Barbie movie to exploit fans. These ads use enticing offers like free streaming access or film downloads but instead of getting the film, consumers are redirected to unintended websites or pages that have nothing to do with the Barbie movie. 

In the process, consumers may be subscribed to a service they didn’t consent to and in some cases be exposed to content they find offensive such as adult content.

MCP SCANNER Shuts Down Barbie Scam

MCP SCANNER monitors ad flows by geo on all the carrier networks. When we come across any fraudulent activity or misleading advertisement within a specific geographic area, like the Barbie ones in the screenshots above, our system identifies and captures the process from the initial advertisement to the landing page. This data, including logs and screenshots, is then stored in our system alongside client data in their respective portals – if one or more of the partners in the value chain is an MCP client. 

We then analyse the entities involved in this value chain, namely the Service Provider, Payment Aggregator, Network Operator, and Regulatory Body. Although in some instances the Service Provider (CSP) is actively involved in the scam, often this is not the case. It may be an unscrupulous player further down the value chain, or the CSP has been a victim of hacking. 

If the CSP is one of our clients, we immediately notify them and request prompt removal of the offending advertisement. Should the other partners within this chain also be our clients, we escalate the issue to them. If the CSP fails to take action within the stipulated timeframe, appropriate actions such as warnings, payment restrictions, or even blacklisting may be imposed on them.

How to Keep Consumers Safe from Misleading Ads and Fraud

The saying “If something seems too good to be true, it probably is” certainly is true here. The Barbie movie, and others like Oppenheimer which we’re also seeing appear in misleading ads, is currently only available to watch in cinemas. 

However unofficial versions do exist, and many consumers are familiar with these unauthorised copies that often circulate online. Misleading ads, and other scams, play on the desire to access content conveniently and for free. 

To protect consumers and carrier billing revenue streams, we recommend the following best practices:

1. Consumer awareness initiatives: It’s crucial to educate customers about fraudulent activities and the tactics scammers use to exploit popular culture, such as movies like the Barbie film. Regularly communicate through various channels, such as newsletters, social media, and even direct messaging, to raise awareness about the risks associated with engaging with suspicious ads. Empower consumers with the knowledge to recognise these deceptive tactics and make informed decisions.
2. Ad monitoring solutions: Implement robust ad monitoring solutions like MCP SCANNER to proactively identify and combat fraudulent activities on the network. CSPs can also use these solutions to monitor ad content created by affiliates and advertisers. These technologies utilise advanced algorithms to detect misleading ads and scams, allowing you to take swift action against such content. Regular scans of your network can help ensure that misleading ads are promptly flagged and removed, safeguarding the customer experience.
3. Collaboration with industry partners: Join forces with other stakeholders in the industry, such as content creators, payment aggregators, regulators and cybersecurity experts. By sharing insights, data and best practices, you can collectively work towards eradicating fraudulent activities from the mVAS/DCB landscape. Collaborative efforts amplify your impact and contribute to a safer online environment for all.
4. Due diligence and risk control (DDRC): Implement DDRC processes for CSPs and advertisers, and thoroughly review the content of advertisements before they go live. Incorporate technologies that identify patterns commonly associated with fraudulent activities, reducing the chances of these ads slipping through.
5. Code of Conduct: Implement a Code of Conduct for all parties in the value chain and explicitly state the consequences of engaging in fraudulent activities or attempting to deceive users through misleading ads. Transparency in your policies sends a strong message that such behaviour will not be tolerated and may result in legal action.

By implementing these recommendations, you can create a safer environment for consumers and protect carrier billing revenue streams from the damaging effects of fraud. As the digital landscape evolves, your proactive efforts will help maintain trust in your network and contribute to a more secure mVAS/DCB ecosystem.

To learn more about how MCP can help you mitigate the risks associated with DCB, and maximise the rewards, get in touch.