Insight, News, Security

Top streaming platforms and shows exploited by cybercriminals discovered

24 November 2021: From the beginning of January 2020 through to the end of June 2021, Kaspersky products detected more than 93, 000 infection attempts disguised as the top five streaming platforms: Netflix, Disney+, Apple TV+, Amazon Prime Video and Hulu. When it comes to original shows on streaming platforms, The Mandalorian and Money Heist were the shows most frequently exploited to spread malicious activity due to their popularity. These and other findings are revealed in Kaspersky’s latest report, ‘Streaming wars continue — what about cyberthreats?’’, which analyses the streaming-related threat landscape in 2020-2021.

Content on-demand and streaming services have seen rapid growth in the past two years, which was further accelerated by the pandemic. Quickly adapting to the increased demand for alternative sources of entertainment, cybercriminals saw their opportunity to take advantage of users’ eagerness to watch their favourite shows on streaming platforms, with well-known fraud schemes hitting the web.

Kaspersky experts have analysed the latest trends and key events across the entertainment-related threat landscape throughout the peak phases of the pandemic. Overall, Kaspersky products detected 93,095 attempts to infect 18,938 unique users with 8,650 different files from January 1 2020, through to June 30 2021.

Netflix is not only the leading platform for membership but also the most popular streaming service used as a lure by cybercriminals. In fact, 89.93% of affected users faced malware or unwanted software while searching for Netflix and related content.

Cybercriminals are actively using streaming shows and series as bait. According to Kaspersky, almost 60% of infection attempts occurred using only two shows as a lure. The Mandalorian (28.72%) and Money Heist (28.41%), two of the world’s biggest hits in recent years, have been actively exploited by cybercriminals spreading their malicious activity. Other shows from the top five series regularly used as bait by phishers include Rick and Morty (9.69%), Peaky Blinders (9.25%) and Westworld (7.17%).

Learn more about the threat landscape of streaming services on Securelist.

“More and more users subscribe to streaming platforms to watch their favorite shows. As this does not require downloading any files to watch the content, we’d expect that type of malicious activity to decrease. However, cybercriminals adapt quickly to new trends and come up with more relevant types of fraud. Comparing the data of 2021 to the indicators of 2020, we see that downloading malicious files under the guise of TV shows has become much less common, but this does not save users from other threats such as streaming phishing scams where cybercriminals may steal their credentials and money”, comments Anon V. Ivanov, security expert at Kaspersky.

To avoid falling victim to malicious programs and scams while using streaming services, Kaspersky advises users to:

  • Check the authenticity of websites before entering personal data. Only use official, trusted web pages to watch or download movies. Double-check URL formats as well as company name spellings.
  • Use a reliable VPN service such as Kaspersky VPN Secure Connectionin order to get access to regional content of various streaming platforms.
  • Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites.
  • Avoid links promising early viewings of content. If you have any doubts about the authenticity of content, check with your entertainment provider.
  • Be wary of any deals that seem too good to be true, such as a “one-year free subscription”.
  • Whenever possible, only access streaming platforms via your own paid subscription on the official website or app from official marketplaces.
Previous ArticleNext Article


The free newsletter covering the top industry headlines