Hackers exploit coronavirus lockdown with fake Netflix and Disney+ pages
More than 700 fake websites mimicking Netflix and Disney+ signup pages have been created seeking to harvest personal information from consumers during the coronavirus lockdown streaming boom.
Netflix, which is expected to smash its forecast of 7 million new global subscribers when it reports first-quarter results on Tuesday, is the main target as millions of new potential customers seek entertainment while confined to their homes.
The cybersecurity firm Mimecast has identified around 700 suspicious scam websites impersonating the world’s most-popular streaming service that appeared between 6 April and Easter.
The newer Disney+, which started its international rollout in earnest last month launching in western Europe’s main markets including the UK, was mimicked by four new websites in the same one-week period.
Some of the counterfeit sites can look extremely convincing, selling subscriptions or free accounts to harvest personal and credit card data, although most are poorly designed and have language errors that mark them out as suspicious.
“We have seen a dramatic rise in suspicious domains impersonating a variety of streaming giants for nefarious purposes,” said Carl Wearn, the head of e-crime at Mimecast.
“These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data. The data harvested includes names, addresses and other personal information, as well as stealing credit card details for financial gain.”
Government lockdowns to curb the spread of coronavirus have proved to be a boon for TV – UK broadcasters recorded a 29% increase in viewing over Easter compared with last year – and subscription services.
Disney+, whose content offering includes the hit $100m Star Wars live-action series The Mandalorian, almost doubled global subscriber numbers to 50 million between February, when the virus took hold, and early April.
Netflix, which has more than 160 million subscribers globally, has seen its market value surge to a record $192bn during the lockdown – more than that of Disney, the world’s biggest entertainment company.
“Tech stalwarts like Netflix and Amazon continue to lead the overall tech market higher as investors realise the strong are getting stronger. While the Covid-19 environment is tragic and has caused a near-term economic collapse, Netflix for now is in the right place at the right time with Disney, Apple, NBC Universal’s Peacock and, soon, HBO Max chasing after this streaming landscape,” Ives added.
Cybercriminals are also impersonating official bodies such as HMRC and the World Health Organization in scam text messages and emails in an attempt to exploit the coronavirus outbreak.
The UK’s Dedicated Card and Payment Crime Unit, which comprises officers from the City of London police and Metropolitan police, has carried out searches in Leicestershire, Dorset and south-east London in recent weeks, and seized mobile phones and other devices linked to Covid-19 scams.
“Working closely with the banks and mobile phone companies, we are successfully cracking down on the criminals using the Covid-19 outbreak to defraud vulnerable members of the public,” said DCI Gary Robinson. “This sends a clear message to those callously seeking to exploit this national crisis to commit fraud: we will track you down and bring you to justice.”