Streaming services like Netflix, Hulu, Disney +, Spotify and Apple Music have revolutionized the entertainment industry. Change that has not gone unnoticed by cybercriminals who have found ways to steal credentials and illegally resell them at discounted prices. Proofpoint, which specializes in cybersecurity, raises the alarm and invites subscribers to the utmost attention.
There are three ways in which cybercriminals can steal valid credentials for streaming services: malware, credential phishing and previously stolen credentials combined with password reuse.
- Malware: Malware includes any type of malicious code distributed via email or websites and installed on systems and servers with the aim of taking control of it. Some are designed to find account information and steal usernames, passwords and credit card information.
- Credential Phishing: Credential phishing begins with an email that reports an account problem – such as payment difficulties or an update of the billing address – and asks to enter the account to correct it. By clicking on the link you are taken to a site very similar to the home page of the official one and you are asked to enter your username and password, thus allowing attackers to take possession of your credentials.
- Previously stolen credentials / Password reuse: Hackers can gain access to streaming accounts also thanks to a combination of previously stolen credentials and password reuse, a practice called “credential stuffing”. In these cases, cybercriminals take previously stolen usernames and passwords and test them on streaming services.
What happens with the stolen login?
Once the streaming credentials are obtained, the hackers sell them to others who will use them to access these services without the legitimate user noticing. Stolen logins and passwords (for example from Netflix) are sold at a fraction of the price of a legitimate subscription, with the recommendation not to change the username or password of the account, as this would void the warranty. But more importantly, the change in credentials would alert the legitimate account holder who would thus notice the theft.
Protection of streaming accounts
The best way to protect your streaming credentials is to keep your operating system, browsers and plug-ins up to date and never click on suspicious or doubtful links placed in emails or attachments to visit any streaming site. To be sure, better to type an address directly in the browser and always use a different password for each platform: Netflix, Disney +, Apple, Spotify and so on. In addition, the main and most popular streaming services are able to send a notification every time a new device connects to the account: activate this option in the settings.
You may also like http://studywatches.com/