In short: As more people subscribe to streaming services, cybercriminals are taking advantage of the less tech-savvy by using classic phishing techniques by forcing users to hand over their login credentials and payment information.
Cybersecurity giant Kaspersky reports the increasingly popular practice of using streaming services such as Netflix, Disney Plus and Amazon Prime as phishing bait. Scammers use fake registration pages and landing pages, which can be quite convincing at first glance, but usually have clear signs that something is wrong; take a look at the following for an example.
One of the most common emails is Netflix’s fake “Update Payment” alert, which says the user’s account is locked until their payment details are verified. Again, some might think this sounds compelling, but a real Netflix is unlikely to start an email with the words “Dear Customer.” Pressing the red button directs you to a fake personal data page that is free of spelling errors, but entering credit card numbers is a surefire way to get a nasty surprise.
Another method is to target non-subscribers with the prospect of watching new untranslatable episodes of the show that the scammers have pieced together from different clips, in this case, The Mandalorian. They are then asked to subscribe to a low-cost subscription to continue watching.
While stealing your credit card / bank details is the worst case scenario, criminals also look for user credentials to log into the streaming service. They can be sold on the dark web, and since multiple devices can stream content at the same time using the same account, victims may need to wait for a stranger to log out before they can watch their favorite show. There is also the risk of reusing the same passwords across multiple sites and services, which many people still do today.