Netflix is a phishing goldmine for cybercriminals
We all love Netflix – which leaves us open to being tricked.
The time we’ve spent scrolling through streaming services such as Netflix, Amazon Prime, YouTube, and Twitch has increased as we’ve been locked indoors trying to avoid the coronavirus. And for scammers who try to capitalize on the latest trends and interests of the general public, that is a potential goldmine for tricking people into giving away personal details.
Cybercriminals often rely on our willingness to land a bargain or learn more about a favored product to trick us into clicking suspicious links. When we do so, the phishing attack often captures our personal details, including usernames and passwords for key services, and the attackers then use those to unlock more personal information such as bank accounts.
And there are few bigger household names right now than Netflix. According to cyber resilience firm Webroot’s real-time anti-phishing systems, the number of URLs that mention Netflix shot up 525% between February and March – and 853% by May.
Netflix is the obvious choice
“Household names are often impersonated with phishing scams because it’s a fairly simple and easy way for attackers to target a large volume of individuals,” says Kelvin Murray, senior threat researcher at Webroot. “These threats are unfortunately only becoming more sophisticated and using popular public streaming services allows cybercriminals to appear more believable, and it only takes one click to put users at risk.”
The desire to consume the massive back catalog of Netflix content, perhaps without paying the streaming service’s monthly subscription fee, is driving many to visit links that seem like they’re attached to Netflix, but are actually traps laid by cybercriminals.
It’s not just Netflix-connected URLs that have seen a sharp increase in use by cybercriminals looking to capitalize on our gullibility and willingness to bag a bargain – or access content illegally for free. Links that appear to be connected to YouTube have also seen a staggering 3,064% increase in the first month of lockdown, while Twitch and HBO saw a 337% and 525% increase respectively.
How to stop the rot
It can be easy to be hoodwinked by seemingly legitimate services, and the standard of design and information that cybercriminals use to try to trick us into falling victim to phishing attacks has become significantly better over time.
In the early days of such phishing attacks, you could often identify a fraudulent email or website by the poor grammar, syntax, and spelling that would dot the page. But now things have become more sophisticated, with those tell-tale errors ironed out.
Now it’s far too easy to fall foul of such an attack and end up giving up precious personal details to hackers, who can then do what they want with them.
Tackling the problem
And it’s not just home users that are struggling to stay on top of the potential risks posed by such sites. According to Webroot, such attacks are commonplace on business networks, particularly now that the general population is often working from home and combining business with pleasure – often on the very same devices they use to access work networks remotely.
“Better security systems and training are key for protection, but the most important thing that businesses can do is back up data and ensure that backup can be restored, in case a phishing attack on an employee leads to a ransomware infection on the company network,” says Murray.
“To defend against these kinds of attacks, individuals should undertake security awareness training and remain vigilant in scrutinizing the types of emails they receive. This should also be underpinned by cybersecurity technology such as email filtering, anti-virus protection, and strong password policies.”