COVID-19 pandemic has given hackers some profitable tools, believes Minecraft. In an attempt to capitalize on the pandemic situation, hackers have turned their focus towards streaming platforms.
The e-mail security vendor informed that it discovered more than 700 phony domains designed like Netflix to mislead the users. Black hats are also using the Disney+ brand similarly.
COVID-19 driven hackers: What is the motive?
The reason is straightforward. With multiple countries across the globe imposing lockdowns because of COVID-19, people are staying indoors. All age groups, being at home most of the time, have resulted in soaring use of streaming services.
— Laurel Chesky (@CheskyLaurel) March 30, 2020
With a view to prevent service outages during the COVID-19 pandemic, providers have cut usage of bandwidth. Last week, Disney claimed a whooping 200% rise in paid subscriptions of its streaming service.
Carl Wearn, head of e-crime at Mimecast, commented that this is the usual behavior pattern the hackers follow – they run where the money runs.
COVID-19 themed attacks: Carl Wearn’s comments
“The COVID-19 pandemic and its resulting lockdown has left people with a lot more time on their hands at home. One way that British people are filling this time is with streaming services. This binge-watching comes with security risks, as cyber-criminals look to take advantage of the uptick in television viewing.” explained Carl.
— Jesper (@Joeeeee232) April 1, 2020
“We have seen a dramatic rise in suspicious domains impersonating a variety of streaming giants for nefarious purposes. These spoof websites often lure unsuspecting members of the public in with an offer of free subscriptions to steal valuable data. The data harvested includes names, addresses and other personal information, as well as stealing credit-card details for financial gain.”
Streaming services are not the sole focus of hackers right now, though. COVID-19 themed attacks with an aim to get users to click are on a surge.
A dedicated reporting service was launched this week by the UK’s National Cyber Security Centre (NCSC) for the general public to submit any suspicious emails.