Posted inSecurityConsumer Tech

Cybercriminals exploiting top streaming platforms and shows: Kaspersky

Cybercriminals exploiting top streaming platforms, top five platforms under attack, Money Heist and The Mandalorian are the most popular lures.

by Louis Parks
Cybercriminals exploiting top streaming platforms, top five platforms under attack, Money Heist and The Mandalorian are the most popular lures
An example of a phishing page offering to stream Money Heist.
by Louis Parks

From the beginning of January 2020 to the end of June 2021, Kaspersky products detected more than 93,000 infection attempts disguised as the Netflix, Disney+, Apple TV+, Amazon Prime Video and Hulu streaming platforms as cybercriminals are exploiting top streaming platforms and shows.

Lure of popular shows

Kaspersky’s latest report shows that cybercriminals are exploiting top streaming platforms and taking advantage of users’ excitement over the latest hits. Kaspersky products detected 93,095 attempts to infect 18,938 unique users with 8,650 different files from January 1 2020, through to June 30 2021.

Cybercriminals are actively using streaming shows and series as bait. 89.93% of affected users faced malware or unwanted software while searching for Netflix and related content. According to Kaspersky, almost 60% of infection attempts used only two shows as a lure. The Mandalorian (28.72%) and Money Heist (28.41%), two of the biggest hits in recent years, are being exploited by cybercriminals. Other shows regularly used as bait by phishers include Rick and Morty (9.69%), Peaky Blinders (9.25%) and Westworld (7.17%).

Phishing scams on the rise

Speaking on Cybercriminals exploiting top streaming platforms, ‘Anon V. Ivanov, security expert at Kaspersky, said, “More and more users subscribe to streaming platforms to watch their favorite shows. As this does not require downloading any files to watch the content, we’d expect that type of malicious activity to decrease. However, cybercriminals adapt quickly to new trends and come up with more relevant types of fraud. Comparing the data of 2021 to the indicators of 2020,we see that downloading malicious files under the guise of TV shows has become much less common, but this does not save users from other threats such as streaming phishing scams where cybercriminals may steal their credentials and money.’

Kaspersky highlighted a series of steps users can take to help avoid becoming a victim of cybercrime:

  • Check the authenticity of websites before entering personal data. Only use official sites to watch or download programs and check the URL format of the site, along with the spelling of company names.
  • Use a reliable VPN service to connect to access the various platforms.
  • Avoid links promising early access to new content, if unsure, contact your service provider.
  • Be wary of deals promising early access, or free subscriptions.
  • Where possible, only access streaming platforms through your own paid subscription via official websites or storefronts.

These latest threats come at a time when scammers are also leveraging fears around COVID-19 to create pandemic-related phishing sites.