Michael Greene, VP of product strategy at PC Tools, said fans are advised to watch the film in cinemas or download and purchase movies from trusted, legitimate sources.
"It's the most targeted film that we've seen", he said. "This is pretty scary stuff."
Cybercriminals are pushing "blackhat" search engine optimisation tactics to target the most popular file-sharing and P2P networks, including digg.com, blogspot.com and others.
The criminals are pursuing those interested in upcoming movie releases and in particular taking advantage of the sizeable Harry Potter fan base wanting to download the movie in advance of its screening.
First, a user will most likely come across optimised, illegitimate links within the blogosphere, said Greene.
Fans are baited with the text like 'Watch "Harry Potter and the Half-Blood Prince" online free' and comment posts are filled with related keywords to attract more search engines.
This link redirects to a blogspot post that contains more images from the movie itself, convincing the fan that the movie is only one click away.
Yet clicking on any one of these links on the blog post redirects fans to the illegitimate video offer, Greene said.
It is here that fans are prompted to download and install the additional "streamviewer" to view a sneak peek of the film.
The streamviewer then proceeds to install malware onto the users' computer.
PC Tools said users need to be aware that this "streamviewer" tactic is predicted to be used over P2P networks and other file-sharing networks as a way of capitalising on major events, news stories or movie releases.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
