According to cybersecurity specialist Kaspersky, 2019 was officially the year the Streaming Wars kicked off, as nearly all major networks hurried to profit from consumers’ new, preferred method of consuming content: streaming platforms.
The company suggests that cyberthreats aren’t relegated to the world of big businesses and large-scale campaigns, with the most frequent attacks actually being the daily encounters with malware and spam by everyday users, with one of the areas where we’re most vulnerable being entertainment – particularly when we’re so used to finding everything and anything we want to watch or play for little or no money online.
“That’s why, last year, we took a look at how cybercriminals use popular shows to spread malware,” says the firm. “This year, we turned to a no less popular entertainment sector: streaming platforms. Not only are millions of account purchasers susceptible, but so are the millions more who receive access via relatives or friends that share their passwords and an unknown number of people who attempt to gain access to these platforms at a discount or are relegated to finding other methods of viewing their content in areas where the services aren’t available.
To help make users around the world become aware of the threats—and stay protected— Kaspersky has taken an in-depth look at the cybercrime landscape of streaming services.
It analysed several different types of threats—malware associated with streaming platforms and the original content they release, as well as phishing emails and fake websites/login pages. The results reflect those users (mobile or PC) that encountered various threats from January 2019 until April 8th, 2020. The streaming platforms analysed are Netflix, Hulu, Amazon Prime Video, Disney + and Apple TV Plus.
When it comes to streaming platforms, malware and other threats (such as adware) are most often downloaded when users attempt to gain access through unofficial means—whether by purchasing discounted accounts, obtaining a ‘hack’ to keep their free trial going, or attempting to access a free subscription. Many times, these unofficial links or files come bundled with other malicious programs, such as Trojans and backdoors.
One of the oldest—and most effective ways—for stealing account credentials is through phishing. Phishing scams related to streaming platforms include creating imitations of login pages as a way to harvest credentials. And Netflix remains the most popular target. Kaspersky researchers found fake Netflix login pages in four different languages (French, Portuguese, Spanish, and English). They also found imitations of Hulu.
“Streaming services not only provide a prime target for spam and phishing scams, they also come in handy when trying to deliver malware,” warns Kaspersky. “Of course, those who subscribe to streaming services through official channels and only use approved versions of the apps can, in most cases, avoid accidentally downloading malware or other threats,” it notes.
Netflix was the most common platform used by criminals as a way to lure users into downloading various threats by far, with Hulu being the second most popular and Amazon Prime the third. Only 28 users encountered various threats while trying to watch Disney + through unofficial means and none when trying to watch to Apple TV Plus.
Kaspersky notes that streaming services such as Netflix made their name not only from streaming third parties’ movies and TV shows but producing their own content. For those who want to see these original shows, but not pay $5-$10 dollars a month on a subscription, the only way to watch them is by downloading them from a third party. This, of course, carries a risk of downloading malware.
In terms of the number of unique users affected, the 10 original shows (among the 25 mentioned in the Methodology section of the study) most frequently used by criminals as a lure to distribute various threats, including malware, were:
|The Mandalorian (Disney +)||1614|
|Stranger Things (Netflix)||1291|
|The Witcher (Netflix)||1076|
|Sex Education (Netflix)||420|
|Orange is the New Black (Netflix)||253|
|The Man in the High Castle (Amazon Prime Video)||142|
|The Expanse (Amazon Prime Video)||119|
|Fleabag (Amazon Prime Video)||102|
|Castle Rock (Hulu)||99|
The ten original shows from Amazon Prime, Apple TV Plus, Hulu, Netflix, and Disney + most frequently used as a lure to distribute various threats and the number of unique users that encountered various threats
“The streaming wars have only just begun—and so too has the various cybercrime associated with it,” warns Kaspersky. “The global pandemic and subsequent surge in subscribers has only provided additional impetus for cybercriminals to target these platforms,” it says, suggesting that no matter the platform or the show you choose to watch, it is important to take certain precautions to stay safe. In order to stay safe from phishing scams related to streaming platforms, Kaspersky experts recommend:
To protect yourself from malware when trying to watch streaming platforms or their original series: