Threat Actors Eye Streaming Services, Popular Shows as New Baits For Cyberattacks

Are you a fan of ‘Stranger Things’ and ‘The Witcher’? Then beware: cybercriminals are using these series, as well as streaming platforms, as lures to distribute their malicious payloads.

What’s happening?

  • In its latest study, Kaspersky found that cybercriminals are disguising their malicious files as top streaming services and popular web series to launch attacks against users.
  • The purpose behind the disguise is to distribute malware, steal passwords, spread spam, and launch phishing attacks.
  • The study comes to light as users staying at home due to the coronavirus pandemic are tempted to search for alternative methods to watch their favorite content online rather than paying the subscription fee.

Top platforms targeted

  • Netflix is by far the streaming service most frequently used as a lure to get users to download various threats that can later be used to gather login information or modify the application.
  • According to a report shared by Infosecurity, threat actors registered over 700 suspicious domains impersonating Netflix in under a week.
  • Netflix is followed by Hulu, Amazon Prime, and Disney+.
  • These platforms were primarily used to distribute different types of trojans, which made up nearly 47% of all threats.
  • Apart from streaming services, threat actors are also using popular web series such as ‘The Mandalorian’, ‘Tiger King’, ‘Fleabag’, ‘Bosch’, ‘High Castle’, and others as lures to widen their reach.

Assessing the primary purpose

  • Stealing account credentials and retrieving billing and credit card information are the two primary purposes of phishing scams launched against streaming platforms.
  • Kaspersky found fake Netflix login pages in four different languages: French, Portuguese, Spanish, and English.
  • These scams are carried out through phishing emails that warn recipients that their payment is either outdated or must be confirmed, and that unless they update it, their account access will remain suspended.
  • Some phishing scams also offer a fraudulent one-year subscription to a particular streaming service to trick unsuspecting users.
  • Those who fall for such scams risk exposing their account credentials, bank account information, and credit card details.

How to stay protected

  • Only access streaming platforms through paid subscriptions on the official website or app downloaded from official marketplaces.
  • Do not download unofficial versions of streaming platforms from third-party websites.
  • Use unique and strong passwords for every account.