JAKARTA - Streaming services have become popular lately due to the current COVID-19 pandemic, making everyone spend more of their time working and doing activities at home.
However, that doesn't mean online streaming services can be safe from cybercriminals, who of course take advantage of the popularity of streaming apps by tricking unsuspecting users into signing up for fake services or handing over credentials to their legitimate accounts.
According to a new report from cybersecurity firm Kaspersky, phishing scams impersonating Netflix, Disney Plus, and other popular streaming services are increasingly being discovered to entice users to hand over credit card details and other payment information.
This scam involves creating fake landing pages for streaming services and getting users to log in using their existing credentials to harvest them or ask them to create new accounts.
Another way, in which scammers target users of streaming services by threatening to block access to their existing subscriptions. One of the most recent examples found by Kaspersky appears in an email saying that a user's account is on hold and asking them to update their payment method by pressing a big red button containing the text, “UPDATE YOUR ACCOUNT NOW”.
According to TechRadar, Friday, November 19, cybercriminals have also started using popular shows to attract unsubscribed fans by offering them the opportunity to watch shows on fake websites.
For example, Kaspersky discovered an unofficial page inviting fans to watch or download The Mandalorian. This page also features short clips from the movie trailer to make it look like a new episode that has never been shown before.
If users fall into this scam, they are then asked to sign up for a low-cost subscription to continue watching while unknowingly handing over their payment details and email address to the scammers.
Streaming Account Hijacked Unknowingly
Apart from stealing credit card details, cybercriminals are also interested in obtaining streaming service account credentials which they then sell on the Dark Web.
Since Netflix, Hulu, and most other streaming services allow multiple people to watch from the same account, other users can log in with the credentials they got from the Dark Web.
As password reuse across multiple online accounts continues to be a problem, cybercriminals can gain access to credentials for one site and then log into another. This is why it is highly recommended to use strong and unique passwords for all accounts.
To avoid falling victim to online streaming service scams, Kaspersky recommends that users avoid clicking on links in emails and go to the official website instead. Users should also pay attention to phishing red flags such as misspelled words, and use different passwords for all online accounts.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)