Hackers Target Netflix and Disney+ with #COVID19 Phishing

Hackers are turning their attention to streaming services in an ongoing bid to capitalize on the current COVID-19 pandemic and increase their own profits, according to Mimecast.

The email security vendor revealed that it had detected the registration of over 700 suspicious domains designed to impersonate the Netflix brand in under a week. The recently launched Disney+ service is also coming under increasing scrutiny from black hats, it claimed.

The reason is simple: COVID-19-related government lockdowns have forced the population of many countries to stay indoors, with some companies furloughing or letting go workers. With parents, children and students all obliged to stay at home, streaming services have understandably soared in popularity.

Providers are said to have cut bandwidth usage to prevent service outages, while Disney claimed last week that paid subscriptions of its streaming service climbed past 50 million, almost double its February figure.

According to Carl Wearn, head of e-crime at Mimecast, hackers are doing what they usually do and following the money.

“The COVID-19 pandemic and its resulting lockdown has left people with a lot more time on their hands at home. One way that British people are filling this time is with streaming services. This binge-watching comes with security risks, as cyber-criminals look to take advantage of the uptick in television viewing,” he explained.

“We have seen a dramatic rise in suspicious domains impersonating a variety of streaming giants for nefarious purposes. These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data. The data harvested includes names, addresses and other personal information, as well as stealing credit-card details for financial gain.”

Phishing campaigns like these are not limited to streaming services, of course. There has been an uptick in general COVID-19-themed attacks designed to trick users into clicking through.

Google claimed to be blocking 18 million malicious and phishing emails with coronavirus lures every day.

The UK’s National Cyber Security Centre (NCSC) this week launched a dedicated reporting service for members of the public to submit suspicious emails to.

What’s Hot on Infosecurity Magazine?