UPDATED 10:00 EDT / OCTOBER 27 2023

SECURITY

Hollywood strike provides window for cyber criminals to target streaming users

A new report from cybersecurity company Inky Technology Corp. released today warns that bad actors are targeting streaming platforms amid the Hollywood actors’ strike.

The Hollywood writers and actors’ strike, which started in July, has led to significant financial issues for many in the entertainment industry. Although writers have since returned to work, actors continue to be on strike. INKY says the disruption in the entertainment industry has given cybercriminals an opportune moment to focus on the booming streaming sector.

INKY’s researchers pinpointed several distinct phishing threats aimed at streaming services. The methods used by bad actors are becoming increasingly refined, capitalizing on users’ trust in reputable streaming brands by employing deceptive impersonation techniques.

An alarming strategy being used by attackers involves the crafting of urgent-seeming messages, asking users to dial a given phone number. The messages are designed to create an emotional response, often hinting at financial irregularities or unauthorized account transactions. The unsuspecting victim, upon making the call, is greeted not by a service representative but by the fraudsters behind the scam, who are on a mission to steal sensitive personal and financial data.

By dangling the risk of financial jeopardy, the attackers induce a state of cognitive dissonance in their targets. In doing so, victims are blinded to subtle scam giveaways, rendering them more vulnerable to the deceit.

In one example, recipients received a phone scam phishing email impersonating Paramount+ that claims an automatic renewal of a subscription will be processed. All the emails originated from AOL free email accounts, which have a high sender reputation, so they are able to pass email authentication.

Each email has a fake invoice attached as a PDF that includes a monthly fee that would concern most recipients — an amount due of $42.98 versus the regular rate for Paramount+ Essentials of just $5.99 per month. 

In another example, bad actors sent a phone scam phishing email impersonating Disney+ and claiming that the recipient’s subscription would automatically renew. As in the Paramount+ example, the invoice included an inflated price: $49.99 versus the basic rate of just $7.99. In both examples, a phone number was provided in the email for users to cancel the service, but the number was one controlled by the attackers.
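The indicators the two examples share can be checked mechanically. The sketch below is an added illustration, not code from INKY or its report: it flags a message that names a streaming brand while coming from a free webmail domain and also carries a phone number or PDF attachment. The brand and free-mail lists, the function names, and the sample message are assumptions constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed lists for this example; extend them for your own mail flow.
BRANDS = ("paramount+", "disney+")
FREEMAIL = {"aol.com"}
PHONE = re.compile(r"\(?\b\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")

# Constructed sample message (fictional sender address and phone number).
SAMPLE = """\
From: "Paramount+ Billing" <billing.example@aol.com>
To: user@example.com
Subject: Your subscription will renew automatically
Authentication-Results: mx.example.com; spf=pass; dkim=pass
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Amount due $42.98. To cancel, call (555) 010-0199.
--b1
Content-Type: application/pdf; name="invoice.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

def callback_phish_signals(raw):
    """Return the set of indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    parts = list(msg.walk())
    body = " ".join(
        p.get_payload(decode=True).decode("utf-8", "replace")
        for p in parts if p.get_content_type() == "text/plain"
    )
    claimed = f"{display} {msg.get('Subject', '')} {body}".lower()
    signals = set()
    if domain in FREEMAIL and any(b in claimed for b in BRANDS):
        signals.add("brand_from_freemail")
    if PHONE.search(body):
        signals.add("phone_in_body")
    if any(p.get_content_type() == "application/pdf" for p in parts):
        signals.add("pdf_attachment")
    return signals

def is_suspect(raw):
    # SPF/DKIM results are ignored on purpose: mail sent from a real
    # free webmail account passes authentication, as in the cases above.
    found = callback_phish_signals(raw)
    return "brand_from_freemail" in found and len(found) >= 2
```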

The INKY researchers suggest that there are steps users can take to make sure they are not being targeted by scammers.

The first and perhaps the most obvious advice is to scrutinize the sender’s email address closely to ensure it originates from a legitimate source, especially if the content invokes dread or urgency. All email users should guard sensitive personal data and refrain from sharing such details over the phone.

Rather than clicking on links within emails, users should manually type the website address into their browser to navigate to the genuine site. Additionally, phone numbers provided in unsolicited emails should be avoided; instead, individuals should source contact details from the official company website.

Image: Paul Hudson/Flickr
