Piracy sites are 'rife with scams' says media industry
Nearly all the UK's favourite movie and TV piracy sites "contain malware or credit card scams", according to a study published by the media industry.
It analysed 30 of the most visited sites offering access to copyright infringing material, and indicated only one was free of such threats.
The police have praised the group for raising awareness of the problem.
But other experts said the research was "misleading" and an exercise in "scaremongering".
The report was commissioned by the Industry Trust for Intellectual Property Awareness, whose members include Amazon, BBC Worldwide, HMV, BSkyB, Sony and Walt Disney.
It declined to name the sites involved.
Intelligent Content Protection (Incopro) - a consultancy specialising in anti-piracy services - was contracted to do the research.
It accessed pages listing the top five films and top five TV shows on each site over the fortnight beginning 4 April.
The firm said 20 of the surveyed sites featured credit card fraud and other kinds of scams, in which users might be asked to provide personal details to access content that was not as it appeared.
It added that malware and other "potentially unwanted programs" were found on 27 of the sites. It said these were most commonly triggered by a user clicking on what appeared to be a "play" button that actually carried out another function.
The most popular type - reportedly found on 10 of the sites - were pop-up ads that the authors said were annoying in themselves and could also be used to fool the user into installing other types of malware.
It said five of the sites contained rootkit malware, which could be used to modify the computer's settings so that its anti-virus protection was switched off and the machine used to secretly send spam or mount cyber-attacks.
In addition, the researchers said they found instances of:
- Four cases of ransomware - used to encrypt a PC's files so that they become useless unless a payment is made
- Twenty seven cases of spyware - used to send back information about the victim's browsing habits, email messages and passwords
- Twenty seven cases of browser hijacking - which can change the user's default home page and search engine as well as installing extensions that can be used to monitor the user's activity
There were no discovered cases where a pirate site automatically downloaded a malicious program without a link being clicked.
But one of Incopro's researchers said the sites benefited from the fees and other "kickbacks" paid by ad networks that place the icons and texts used to lure users.
"These fake play buttons, and that sort of thing, are very much driven by the desire of people to download content," Helen Saunders told the BBC.
"We view it as a kind of social engineering attack on the users who are tricked into downloading this stuff."
The Industry Trust also published details of a survey that questioned 4,210 UK-based pirate site visitors.
It said 77% of the respondents reported they had downloaded malware or other unwanted material as a result of using an unauthorised site.
The trust is advising the public to use its own Find Any Film service to find where to rent or buy legal material.
But one expert, from the University of Oxford's Internet Institute, called into question both the decision to withhold the names of the sites tested and how reliable a user survey would be in this case.
"While risks exist, the report is clearly scaremongering through carefully chosen statistics," said Dr Joss Wright.
"This is a clear extension of the long-running Fact [Federation Against Copyright Theft] strategy of portraying illegal copyrighted content as dangerous, after the ability to portray it as poor quality was finally dropped as untenable.
"It's safe to say that searching for illicit content on the internet is both risky and ethically questionable, but so is commissioning biased studies to promote new businesses."
Ernesto van der Sar, editor of the news site Torrentfreak, also raised concerns.
"The statistics reported are misleading as they suggest that the majority of the users end up with unwanted software or viruses. In practice, only the small minority who click on the ads are affected," he said.
"While many pirate sites carry advertisements that may lead to malware, the sites themselves do not host or actively distribute these files.
"Independent and reputable diagnostic tools, such as Google Safebrowsing, show no warnings for the websites that are most frequently visited."
However, Incopro said it would be wrong to absolve the pirate sites' administrators.
"This study didn't look in any form of detail about who was placing these buttons, ads or downloads on the pages," said Ms Saunders.
"But I think given the context in which the sites operate there is a fair chance that website operators would be involved in some of this."