The COVID pandemic has led to a surge in the use of streaming services as the public sought continuous new content to keep them entertained during national lockdowns. In 2020, the viewing figures for streaming services were up 71%, compared to the previous year.
Online streaming sites are a highly lucrative market for cybercriminals to launch attacks and steal personally identifiable information. They house data from millions of subscribers, including names, email addresses, and payment details. The surge in subscriptions over the pandemic has meant the number of people vulnerable to cyber attacks has increased substantially. Just hours after Disney + was launched, thousands of users’ accounts were hacked and their passwords and emails changed.
Not only do online streaming sites have masses of subscribers, but it is also common for users to share their login credentials with friends and family. Password sharing and recycling on these sites make them a prime target for distributing malware, launching spam, and phishing attacks.
Cyber Security and Illegal Streaming
Whilst traditional online streaming services have become increasingly popular, there are also large numbers of people who attempt to gain access to streaming sites at a discount or find other methods of viewing content that is not yet copyrighted in their location. This includes watching illegal content from unauthorised websites, via apps, or using an add-on accessed from a device such as a set-top box or a stick.
Although users may be tempted to search for alternative methods of watching their favourite content online rather than paying for another subscription service, cybercriminals use these illegal websites and apps to lure unsuspecting victims into scams via “free” downloads of popular films and TV shows.
What Are the Risks of Online Streaming?
When it comes to entertainment-based online streaming applications, security often takes the backseat. Just as all popular trends go, the increase in streaming use has opened a new attack channel for cybercriminals and can present a myriad of risks for users. These include:
Identity theft and fraud: Many online streaming sites require users to create an account for their services. Typically, people tend to use the same email address or username for all our accounts. Research by Google reports as many as 65% of people reuse the same password for multiple or all accounts.
If users utilise the same password on numerous sites, and it is discovered, it makes it easy for hackers to obtain access to other accounts. Cybercriminals can then extract confidential data and sell it to third parties, putting users at risk of identity theft and scams.
Research commissioned by FACT found that nearly half of all respondents would be willing to share their personal email address to gain access to an illicit stream.
Malware: Many illegal online streaming sites are riddled with malware or adware disguised as pirated video files.
Malicious software can infect other devices connected to a network and give hackers direct access to private files on a device. Malware may also make your device slow down or appear non-responsive, serve pop-up windows or ads, or take you to sites you don’t want to visit.
Phishing: Phishing scams often imitate streaming platform login pages or send fake emails that appear to be from popular steaming services, to trick users to confirm their payment details or add their billing information.
If recipients enter their credentials, cybercriminals can use their sensitive information to deliver future phishing attempts, obtain access to other accounts, or retrieve the credit card information linked with the account.
Inappropriate content: Watching content via an unauthorised website, a modified box, stick or add-on can expose younger viewers to explicit advertisements and age-inappropriate content.
How to Stay Safe Whilst Streaming Online
Use legal streaming services: There are many legal streaming services available, such as Amazon Prime, Netflix, and NOW TV. These “subscription video on demand” (SVOD) services have been growing in popularity over recent years and have clean, dedicated apps and sites with no malware or adware threats.
SVOD services often take enhanced security measures to keep the data of its subscribers safe and secure, including:
- Secure cookies to prevent malware
- DNS protection to verify the authenticity of user email addresses
- Robust SSL algorithms for data encryption
Avoid sharing data with untrusted platforms: You should never share your personal data with unknown sites or apps that you don’t know or trust.
Don’t click on suspicious links: Cybercriminals often embed malware into disguised images or hyperlinks. Never click on suspicious download prompts or links.
Password protection: Use a strong password, including lowercase and uppercase letters, numbers, and symbols. Never use the same password across all your accounts.