The new Demon Slayer: Kimetsu no Yaiba – Infinity Castle movie recently premiered in several countries, but its debut has also led to a surge in scam activity. Cybercriminals are exploiting users’ interest in the new film, luring them with the promise of free access to the anime. Kaspersky experts have identified scam websites in multiple languages, indicating that attackers are seeking to reach a global audience by exploiting the film’s popularity.
The scam works as follows: attackers create fake websites that claim to offer free access to the new movie with voiceovers in the user’s native language. However, when visitors attempt to play the video, a fake player appears, prompting them to register in order to supposedly gain access to the film and receive “unlimited access” to the platform’s content.
An example of a website and the fake player prompting users to register to continue watching the movie.
To register and continue watching the movie, users are asked to provide personal information, such as their email address and, in some cases, a mobile phone number, in addition to creating a password. Later steps of the fake registration request banking details under the guise of a “free trial,” putting users at risk of credential theft, especially if the same password is used across multiple accounts, and potential financial loss.
Example of a registration form on a scam website.
“We’ve seen that cybercriminals often try to profit from high-profile premieres like Demon Slayer, exploiting the fan bases of popular franchises. We strongly encourage users to access content only through official platforms to protect their personal data and avoid financial harm,” says Olga Altukhova, Senior Web Content Analyst at Kaspersky.
To avoid falling victim to scams, Kaspersky advises users to:
- Check the authenticity of websites before entering personal data and only use official webpages to watch or download movies. Double-check URL formats and company name spellings.
- Always choose official and reputable streaming platforms to protect your personal data from theft and misuse.
- Use a reliable security solution that identifies malicious attachments and blocks phishing links. The quality of security solutions’ phishing detection is annually evaluated by independent testing labs. For example, in 2025 and 2024 Kaspersky Premium achieved a 93% detection rate with 0 false positives in AV-Comparatives anti-phishing tests, and was awarded with the “Approved” certificate.
- Enable multi-factor authentication and monitor accounts: Activate 2FA on Apple ID and financial apps, and regularly review statements for unauthorised activity.
