It’s been more than a decade since Netflix launched its
on-demand online streaming service, drastically changing the way we consume
media. In 2019, streaming accounts for an astonishing 58 percent of all
internet traffic, with Netflix alone claiming a 15 percent share of that use.
But as streaming has become more common, so has the exploitation of streaming
technologies. Some consumers stream illegally to cut costs, perceiving it to be
a victimless crime. But as the saying goes: there’s no such thing as a free
lunch. Streaming is no exception.
Jailbreak!
By downloading illegal streaming apps from third-party
sources (i.e. outside of the Apple® App Store or Google™ Play), users may think
they’re capitalizing on a clever loophole to access free services. However,
according to a startling study conducted by Digital Citizens, 44 percent of
households using pirated streaming services experienced a cybersecurity breach
of one or more of their devices. That means if you use any type of
illegal streaming device or app, you are six times more likely to fall victim
to a cybersecurity attack than households using legal streaming services. Since
a reported 12 million homes—in North America alone) are actively using pirated
streams, that means illegal streaming may have led to up to 5 million
potentially undetected breaches.
Why are illegal streams so attractive to cybercriminals?
Because you’re probably streaming using devices and applications that are
connected to your home network. Unfortunately, the firewall on the average home
router does not provide adequate security against attacks. Any malware
introduced by the streaming software is likely able to get through
successfully. If you’re using a Window® computer or device, that means the
malware can infiltrate not the device you’re actively using, but also any other
Windows devices using the same internet connection. By spreading itself across
multiple devices, malware makes its own removal that much more difficult. Pair
these details with the fact that illegal streaming users are less likely to
report a malicious app, illegal streams provide a haven for cybercriminals in
which they can easily attack users, infect their machines, steal their data,
and hold their files for ransom.
Cybersecurity breaches caused by illegal streaming can
manifest in many ways. For example, a popular illegal movie and live sports
streaming app was observed scraping the connected WiFi name and password, as
well as other sensitive information, according to ThreatPost.
How You Can Stream Safer
Ultimately, nobody can guarantee the security of an illegal
stream. The truth is that legal streaming is the only safer streaming. That
doesn’t mean you have to go through the giants, like Netflix or Hulu. Users can
now access many low-cost, legal streaming options—including a few that are
ad-supported and are actually free. So why put yourself and your family
at risk for the sake of an illegal stream?
If you’re worried that someone with access to your WiFi
network may be streaming illegally, thereby putting you and your devices in
danger, make sure all of your devices are using up-to-date antivirus software
to help stop cyberattacks and prevent malware infections. More importantly,
talk with your family and friends about the real cost of “free” streaming.
They’ll be more cautious once they fully understand the risks.
Tuesday, June 25, 2019
Phishing Attacks Go Mobile
Taking advantage
of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick
users into giving up credentials.
You get a text from “Microsoft” stating your Office 365 password has expired with a link to reset your password. You click the link and are taken to an Office 365 password reset page. Thinking nothing of it, you provide your credentials and “reset” your password. One problem – it’s all been a scam.
This is the latest technique used by cybercriminals to harvest online credentials, according to data from security firm Lookout. Because so many users utilize mobile devices for work, it’s the perfect medium to get direct access to a user without needing to fend against the traditional defenses organizations put up in front of web and email content.
According to Verizon, 51% of sophisticated threat actors are now including mobile devices in their list of target devices. And, because the credentials being sought are work-related, the mobile device attack path spells trouble for organizations.
Without an ability to properly protect corporate accounts via devices out of their control, organizations need to look to heightening the employee sense of security when interacting with anything on the Internet (regardless of device).
Without changing the way employees think about the complete sense of trust they have in the mobile device experience, organizations put themselves at risk of the repercussions of credential harvesting, which include ransomware attacks, data breaches, and fraud.
You get a text from “Microsoft” stating your Office 365 password has expired with a link to reset your password. You click the link and are taken to an Office 365 password reset page. Thinking nothing of it, you provide your credentials and “reset” your password. One problem – it’s all been a scam.
This is the latest technique used by cybercriminals to harvest online credentials, according to data from security firm Lookout. Because so many users utilize mobile devices for work, it’s the perfect medium to get direct access to a user without needing to fend against the traditional defenses organizations put up in front of web and email content.
According to Verizon, 51% of sophisticated threat actors are now including mobile devices in their list of target devices. And, because the credentials being sought are work-related, the mobile device attack path spells trouble for organizations.
Without an ability to properly protect corporate accounts via devices out of their control, organizations need to look to heightening the employee sense of security when interacting with anything on the Internet (regardless of device).
Without changing the way employees think about the complete sense of trust they have in the mobile device experience, organizations put themselves at risk of the repercussions of credential harvesting, which include ransomware attacks, data breaches, and fraud.
Subscribe to:
Posts (Atom)