With the popularity of streaming services and increased demand during the coronavirus pandemic, hackers often use the names of popular sites and shows to lure unsuspecting users to scams.
A recent study by Kaspersky has shed more light on the issue. The study identified the most popular streaming services used by scammers to lure victims.
No ad to show here.
Researchers also found that cybercriminals use trending shows to lure targets to their malware or phishing websites.
Here are a few highlights of the findings by Kaspersky…
Most popular streaming site for scammers: Netflix
When it comes to posing as a streaming website or using a brand’s name to lure targets, Netflix is the most popular site used by scammers.
“In terms of the platforms most frequently used as a lure when tricking users into downloading various threats, Netflix is still, by far, the most targeted–whether it’s luring people who are trying to gain access to the platform or watch its original shows,” Kaspersky said on its SecureList post on the findings.
The company analysed malware and threats posing as five of the most popular streaming services globally. They also looked at threats where the names of these companies were used as lures.
Kaspersky looked at five major streaming sites: Netflix, Hulu, Amazon Prime Video, Disney+, and Apple TV Plus.
Tactics used by cybercriminals include replicating streaming sites to steal financial and login information, luring users with promises of free subscriptions or circumventing region locks, or bundling files claiming to be popular shows with malware.
Cybercriminals also sent emails posing as streaming sites, asking users to update their payment information.
While globally the most popular site used as a lure was Netflix, tactics changed depending on the audience.
For example, in the US (Amazon’s biggest market), Amazon Prime was the most-used lure.
Netflix’s popularity as a lure likely stems from its availability in most countries. Meanwhile, sites like Hulu are only available in specific regions.
However, the most infection attempts that used Disney+ as a lure actually targeted users in Algeria. The service is not available in Africa and Disney has been silent on planned rollout to the continent.
In this case, hackers have used the lack of availability of the service to lure users. They do this by promising a way to get around the region lock.
Apple TV+ not used as lure
When analysing their sample, Kaspersky found no attempts to scam Kaspersky users using Apple TV+ as a lure.
Researchers think this may be due to a number of reasons, including the free subscription bundled with Apple products.
“Since most malware is downloaded when users try to gain access without a paid subscription, the more people get access to the service, the less malware is downloaded,” Kaspersky said.
Furthermore, Apple TV+ does not have the same foothold in the industry as many other streaming platforms.
Most popular shows used by hackers
When it comes to using shows as a lure, Kaspersky found that some of the biggest releases by streaming platforms were used.
Most of the shows came from Netflix, but the top lure was The Mandalorian from Disney+.
The top five shows used by scammers included: The Mandalorian, Stranger Things, The Witcher, Sex Education, and Orange is the New Black.
You can see the top 10 shows used as lures below:
Streaming scams targeting South Africans
Kaspersky also provided insight into how these scams attempt to target South Africans.
For example, 117 attempts targeted South Africans using Netflix as a lure.
Meanwhile, regional streaming service Showmax appears as a lure in African countries.
Researchers saw 61 attempts to distribute malware using Showmax as a lure in Africa.
Hulu’s lack of availability locally also gives hackers another avenue to use the service as a lure.
“For platforms like Hulu, which aren’t available in South Africa, the only option for users to gain access is through unofficial means—making them more vulnerable to encountering various threats,” Anton Ivanov, malware analyst at Kaspersky, told Memeburn.
Spain was the major target country for scammers using shows as lures. However, South Africa fell into the top ten targeted countries.
Of the threats using major shows as a lure, two percent of attempts by scammers targeted South Africa. This is a higher rate than the Philippines, Turkey, and Belarus.
For more detail on the report, you can visit the SecureList website.
Cybercriminals are using the lockdown and related activities to lure victims.
This includes cyberattacks targeting remote workers in South Africa. Cybercriminals have also increased attacks targeting gamers due to the gaming surge in lockdown.
Feature image: Kaspersky