From the beginning of January 2020 through to the end of June 2021, Kaspersky products detected more than 93, 000 infection attempts disguised as the top five streaming platforms: Netflix, Disney+, Apple TV+, Amazon Prime Video and Hulu. When it comes to original shows on streaming platforms, The Mandalorian and Money Heist were the shows most frequently exploited to spread malicious activity due to their popularity. These and other findings are revealed in Kaspersky’s latest report, ‘Streaming wars continue — what about cyberthreats?’, which analyses the streaming-related threat landscape in 2020-2021.
Content on-demand and streaming services have seen rapid growth in the past two years, which was further accelerated by the pandemic. Quickly adapting to the increased demand for alternative sources of entertainment, cybercriminals saw their opportunity to take advantage of users’ eagerness to watch their favorite shows on streaming platforms, with well-known fraud schemes hitting the web.
Kaspersky experts have analyzed the latest trends and key events across the entertainment-related threat landscape throughout the peak phases of the pandemic. Overall, Kaspersky products detected 93,095 attempts to infect 18,938 unique users with 8,650 different files from January 1 2020, through to June 30 2021.
Netflix is not only the leading platform for membership but also the most popular streaming service used as a lure by cybercriminals. In fact, 89.93% of affected users faced malware or unwanted software while searching for Netflix and related content.
Malware and unwanted application distribution by platform, January 1, 2020 - June 30, 2021
Cybercriminals are actively using streaming shows and series as bait. According to Kaspersky, almost 60% of infection attempts occurred using only two shows as a lure. The Mandalorian (28.72%) and Money Heist (28.41%), two of the world’s biggest hits in recent years, have been actively exploited by cybercriminals spreading their malicious activity. Other shows from the top five series regularly used as bait by phishers include Rick and Morty (9.69%), Peaky Blinders (9.25%) and Westworld (7.17%).
An example of a phishing page offering to stream Money Heist
Learn more about the threat landscape of streaming services on Securelist.
‘More and more users subscribe to streaming platforms to watch their favorite shows. As this does not require downloading any files to watch the content, we’d expect that type of malicious activity to decrease. However, cybercriminals adapt quickly to new trends and come up with more relevant types of fraud. Comparing the data of 2021 to the indicators of 2020,we see that downloading malicious files under the guise of TV shows has become much less common, but this does not save users from other threats such as streaming phishing scams where cybercriminals may steal their credentials and money,' comments Anton V. Ivanov, security expert at Kaspersky.
To avoid falling victim to malicious programs and scams while using streaming services, Kaspersky advises users to:
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.