Netflix and Disney Plus fakes are stealing personal data - here’s how to stay safe

News
By published

Scammers taking advantage of spike in streaming during the pandemic

(Image credit: Shutterstock / wutzkohphoto)

Researchers have identified more than 700 malicious Netflix and Disney+ clones being used by scammers to scrape victims’ personal data.

The fraudulent websites either steal funds directly via fake subscriptions, or harvest credit card data and login credentials to be used at a later date.

Some of the clones are said to look extremely convincing, although the majority are reportedly characterised by their amateur design and syntax errors.

Netflix scams

Between April 6 and 13 alone, cybersecurity firm Mimecast identified roughly 700 websites mimicking Netflix, the world’s most popular streaming service. The firm also discovered four clones of smaller streaming platform Disney+ in the same period.

The appetite for content streaming has skyrocketed in recent weeks as people endeavour to entertain themselves under coronavirus lockdown. As a result, Netflix’s market value has surged to $192 billion, in a period in which the vast majority of businesses have seen their share price fall through the floor. 

Although the precise increase in Netflix subscribers is unknown, the company is expected to announce its quarterly earnings on April 21, which should shed light on the extent of its recent success.

According to Carl Wearn, cybercrime lead at Mimecast, the increase in streaming on all manner of platforms is likely to pique the interest of hackers.

“We have seen a dramatic rise in suspicious domains impersonating a variety of streaming giants for nefarious purposes,” he said.

“These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data. The data harvested includes names, addresses and other personal information.”

The theft of data of this kind can open the door to a practice known as credential stuffing, whereby cybercriminals use stolen credentials to gain unauthorised access to a host of online services.

For this reason, users are advised to use unique passwords and protect accounts with multi-factor authentication where possible, especially if they suspect they have fallen victim to a fraudulent website.

Users should also check websites for spelling errors and incongruous formatting, and ensure URLs do not contain any irregularities.

Via The Guardian

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

A Minecraft sheep.

Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
See more latest
Most Popular
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Sky Glass Gen 2
It's a Glass act: the next generation of Sky Glass TV is now at Currys
Teams
Microsoft Teams is finally adding a tiny but crucial feature I honestly can't believe it never had
Apple Watch Ultra 2 move data
Apple is reportedly planning a huge future Apple Watch upgrade to turn it into an AI device with onboard cameras