Streaming providers are the big beneficiaries of the Coronavirus crisis - and fraudsters know this too. With numerous fake websites, user and banking data of new and existing subscribers are being targeted. However, the deceptively real-looking fake websites usually reveal themselves through circumstantial evidence.
Worldwide, 160 million subscribers are registered with streaming provider Netflix. In recent weeks, the company has increased its market value to a record $187.3 billion. This makes Netflix more valuable on the stock exchange than the entire Disney group at $186.6 billion. But the new streaming service, Disney+, also benefits from the lockdown restrictions. With the launch of the service in Europe, the number of subscribers doubled to almost 50 million during the COVID-19 pandemic.
The fact that streaming providers are experiencing glorious times is also known to fraudulent hackers who use fake landing pages of the streaming services to try to get both login and payment data. This was reported in the international edition of The Guardian, and refers to a report by the cybersecurity company Mimecast. The security professionals were able to detect 700 fake Netflix websites created between April 6 and Easter alone. During the same period, only four fake Disney+ websites are said to have been created to intercept user data.
The trick is simple: if interested parties land on a fake Netflix or Disney+ site while searching online, they are often lured to the streaming offer with a free trial period or completely free access. The fake sites look deceptively real, and are sometimes copied one to one. Indications that it is a fake website can still be found, however.
Checklist for fake websites
- Dubious domain: For Disney+ the correct website in the browser is https://www.disneyplus.com and for Netlfix it is https://www.netflix.com.
- Spelling mistakes: Although it can happen to any PR team, it is highly unlikely that spelling and grammatical errors will be found for long on an official website of large companies. However, fake websites often use conspicuously poorly translated text.
- Unrealistic offers: Neither Netflix nor Disney+ offer their streaming service in any way completely free for the average consumer. Disney+ can currently be used free of charge for seven days until a monthly or annual subscription takes effect. With Netflix it is 30 days - after that a subscription is due if you want to continue streaming video content.
- Restricted payment methods: Netflix subscriptions can now be paid via PayPal. This is also the case with Disney+. Fraudsters often only want one thing: your credit card information. Therefore they often only offer this payment method. With your card number, expiration date and verification code, criminals can cause serious financial damage.
Not only the exploitation of credit card data is the aim of the fraudulent websites, says Carl Warn, head of E-Crime at Mimecast. Speaking to The Guardian, he said: "These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data. The data harvested includes names, addresses and other personal information, as well as stealing credit card details for financial gain."
If you take the above points into account, you should be able to recognise a fake very quickly. In The USA, the Federal Trade Commission (FTC) is responsible for tackling for fake and fraudulent websites. Suspicious websites should be reported here.
Via: The Guardian