The meteoric rise in new signups to streaming services such as Netflix and Disney+ in recent weeks has given opportunistic scammers the chance to take advantage of the situation. This is evidenced by new research by the cybersecurity firm Mimecast, which revealed that some 700 scam websites have popped up on the internet between April 6 and 13, designed with the sole purpose of stealing personal data by pretending to offer online streaming.
The rise in scam websites comes at a time when Netflix predicts that it will add seven million new customers to its streaming service in the first quarter of 2020, and when Disney+ began its expansion into Europe.
According to Mimecast, the increased number of scam websites leaves internet users particularly vulnerable to falling victim to online deceit, because the data harvested includes names addresses and other information that can lead to their financial loss.
How scam websites work
The number of new paying customers for online video streaming services has risen sharply in recent weeks, with a large number of people around the world remaining at home as a result of various restrictions in place to curb the spread of COVID-19. The situation brings about a new level of risk, says Carl Wearn, the head of E Crime at Mimecast, who points out that people can be easily duped into giving away their information to hackers running scam websites.
“The COVID-19 pandemic and its resulting lockdown has left people with a lot more time on their hands at home and one way people are filling this time is with streaming services,” Wearn explains. “This binge-watching comes with security risks, as cybercriminals look to take advantage of the uptick in television viewing.”
Wearn adds that, as a result of this trend, Mimecast has observed a “dramatic rise in suspicious domains impersonating a variety of streaming giants for nefarious purposes.”
While, at a cursory glance, such scam websites do indeed resemble the real versions in many cases, a closer inspection typically will reveal poor web design, suspicious URLs and even spelling and grammatical errors in the web copy. Nevertheless, some internet users fail to notice the tell-tale signs and freely give their names, passwords, and credit card details over to the criminals behind the scam websites, believing them to be legitimate streaming services.
“These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data,” says Wearn, who adds that the data harvested “includes names, addresses and other personal information, as well as stealing credit-card details for financial gain.”
Ultimately, with this information in the hands of the criminals behind the scam websites, any internet user who is duped in this manner could potentially have much to lose.
Not only would the cybercriminals behind the scam streaming services have the ability to drain victims’ bank account, but they would also have the ability to use the stolen credentials to try to access other online services, given the propensity for many people to reuse the same, or similar, login details across multiple online services.
“My advice to the public is simple,” Wearn says, “if something looks too good to be true, then it probably is.”
“Offers of free subscriptions are usually well-advertised and easy to find,” he adds, “so check the validity of any such claim before providing any information.”
Online streaming services soaring
The surge in new scam websites across the internet arises directly from the millions of new eyes which have turned to online streaming as a means to pass the time during the pandemic lockdowns. As a consequence, online streaming services are all reporting higher-than-usual performance as a result of the new demand.
So far, for example, lockdowns in the UK have given rise to a 29% increase in the number of viewers of both television and online streaming services over the Easter period, when compared to the year before.
Netflix, currently has more over 160 million subscribers around the world, has seen its market value soar to a record $192 billion since the lockdown came into force.
While Netflix’s competitor Disney+ did not see so big a rise, the company nevertheless managed to double its global subscription numbers to 50 million between February and early-April, and began expanding from the US into the UK, Ireland, Germany, Austria, Italy, France, Spain, and Switzerland on March 24.
The new surge in demand for online streaming services has been so unprecedented, in fact, that Netflix and YouTube both opted to reduce the streaming bitrates of their services for the month of April in order to prevent the internet from straining under unprecedented usage due to the COVID-19 pandemic.