Netflix and YouTube users warned about massive rise in data scams

These scams will try and get personal information, such as payment logins or passwords

Adam Smith
Monday 10 August 2020 17:06 BST
Comments
(AFP via Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Hackers have increased their attacks against streaming companies, as research has shown that phishing URLs which include Netflix, HBO, YouTube, and Twitch has risen dramatically.

Phishing is an attempt to steal sensitive information such as usernames, passwords, credit card numbers, bank account details and other personal data.

Research from cybersecurity company Webroot showed that Netflix phishing attempts had been made 60 percent more in July 2020 when compared to July 2019, and 646 percent more for March to July, the duration of the lockdown period.

Phishing URLs that contained the word YouTube also saw a dramatic increase, with 3,064 percent increase since February. Twitch and HBO also saw significant rises, with a 337 percent increase and 525 percent increase, respectively, since February.

Streaming services have seen their usage increase during the coronavirus pandemic and subsequent lockdown. Research from Ofcom has found that people watched Netflix, Amazon Prime Video and Disney+ and other services for one hour and 11 minutes per day, twice as much as they did before the pandemic.

Moreover, 12 million customers were new to the apps, and three million of them had never used any streaming service before.

As such, these companies have seen their subscriber numbers rise and their stock price has subsequently increased too.

There are numerous forms these phishing attacks can take. These include:

  • Deceptive phishing - using a fake link to steal a user’s login details
  • Spear phishing attacks - using a fake email address which appears genuine to convince victims to send over personal information.
  • Advanced-fee scam - commonly known as the “Nigerian price” email, a wealthy figure will ask for a small sum with the promise the sender will be rewarded with a larger sum at a later date.
  • Account deactivation scam - victims are told, purportedly from a member of a bank or similar organisation, that an account will be deactivated imminently if personal information is not handed over.

The best protection against the effects of these attacks are avoiding them in the first place. The government advises to check for spelling and grammar, as well as off-brand images or lacklustre standards. This can be especially notable considering the number of scams that use the imagery of high-profile organisations.

It also recommends checking whether the email addresses the reader by their name, or a general term such as “friend” and “valued customer”, as well as emails which include any threats or urges to act promptly.

However, even that will be less effective against more sophisticated hackers.

“Phishing tactics evolve and shift with the news agenda. In the past we’ve seen fake stories about Conor McGregor and Elon Musk driving click-through to malicious Twitter links, and now we’re seeing a huge rise in tactics related to Netflix. The fact that the streaming service has grown in popularity over the same lockdown time frame is not a coincidence” said Kelvin Murray, a Senior Threat Researcher at Webroot, in a statement.

“To defend against these kinds of attacks, individuals should undertake security awareness training and remain vigilant in scrutinising the types of emails they receive. This should also be underpinned by cybersecurity technology such as email filtering, anti-virus protection, and strong password policies."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in