This Last of Us scam steals banking info and infects gaming PCs with malware

The Last of Us Remastered
(Image credit: Sony Interactive Entertainment)

Ahead of the release of HBO’s new series based on the hit video game The Last of US, cybercriminals have already concocted several new scams designed to steal financial data and infect vulnerable PCs with malware.

Once the new show releases on January 13, new fans of the series will likely want to go back and play the games it’s based on. To capitalize on this, cybercriminals are already offering downloads for The Last of Us on PC even though the PC port of the game won’t arrive until March.

According to a new report from the cybersecurity firm Kaspersky, its researchers discovered a site that’s offering downloads of The Last of Us Part II for PC. However, the problem here is that – like its predecessor – the game’s sequel isn’t available yet nor has it even been announced for PC.

If an unsuspecting user does land on the site offering the game for free, malicious files are downloaded onto their PC instead of the real game. In an email to Tom's Guide, web content analyst at Kaspersky, Olga Svistunova provided further insight on the damage these malicious files can do, saying:

"The malicious files distributed can range from Trojans, which can collect your personal data, passwords, and your bank card details without you even knowing it, to ransomware, after which all the files on your device will be encrypted and cybercriminals will demand a ransom within a few hours to get access to them again."

Activation codes and ‘free’ gifts

In addition to sites with downloads for The Last of Us Part II, Kaspersky’s researchers also found a phishing site that provides activation codes for The Last of Us. However, to download the game’s installation file with the activation code, they first have to choose from several “gifts” like a brand-new Playstation 5 or $100 Roblox Gift Card they will receive with the game.

After choosing their free gifts, users are then told to enter their credentials and banking information in order to pay a commission fee. Not only will you not get the game but you will have also freely given your financial details to cybercriminals who could use it to commit fraud or even identity theft.

Kaspersky also points out the fact that cybercriminals have taken a different approach with The Last of US. While they’d normally try to trick potential victims by offering them early access to the HBO series, this time they’re distributing malicious files and stealing data using the games that are already available. This might indicate that they’re targeting younger gamers who are old enough to watch the show and may want to play the games but don’t yet know a lot about cybersecurity.

How to stay safe from malicious software and scams

Best antivirus software

(Image credit: Shutterstock)

When it comes to staying safe from scams like the two detailed above, you first want to check to make sure the game is actually available on the platform an ad or website may be suggesting it is. A quick web search would show that The Last of Us Part I comes out in March on PC and The Last of Us Part II has yet to be announced for the platform. 

From here, just like with apps on your smartphone, you only want to download games from official app stores like Steam, the Epic Games Store, Origin, the Microsoft Store, etc. Any game you download from a random website could contain malware or other viruses which is why you should be using the best antivirus software on your gaming PC. Likewise, you also want to look out for ads, emails or links that promise they can let you watch a TV series or film early. 

In his The Last of Us Review, our streaming editor Henry Casey gave the film a coveted 5-star rating and fans of the games on PlayStation will surely want to tune in on January 13. However, you should know that there’s a major timeline change from the video game you’re going to want to look out for. Excited to watch HBO's new series, here's how to watch The Last of Us online.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.