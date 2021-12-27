The use of streaming platforms has become popular over the years and during the pandemic there was an increase in the consumption of this type of content on demand. Also known as OTT (over-the-top services) they have been gaining more and more customers. According to the Statista company, by 2022 in Latin America there will be about 93.7 million users.

In Colombia, for its part, according to the report ‘Streaming consumption for Latin America 2021’, recently published by Sherlock Communications, the company under this model that has the most users is Netflix, with 71 percent preference; It is followed by Amazon Prime (12 percent), HBO Max (7 percent) and Disney + (6 percent).

But just as the popularity of this type of platform has grown, the tactics of the cybercriminals to be able to access user information and hack access to these pages and then sell them.

The biggest threats

in terms of ‘streaming’ platforms, aimed at users, revolve around ‘phishing’

“The biggest threats in terms of streaming platforms, aimed at users, revolve around the phishing, or misleading communications received by instant messaging from the same application, email or social networks ”, highlights Martina López, Eset security analyst.

These attacks mainly seek that the person deliver, without knowing that it is a fraud, access data to the page on which they have the subscription, related to the username and password, with which the offender can later modify the characteristics of the profile and sell these accesses.

How do they work?

The first thing to know is that most cases of account hacking related to OTT are directed directly to the user through social engineering techniques.

Although massive breaches have been observed on this type of platform, such as what happened at the end of 2020 with Spotify, which revealed that nearly 350,000 accounts were stolen through credential stuffing, in which, through an automated attack, criminals entered the profiles using access data stolen from other portals; these are not that common.

“The vast majority of these cases are related to the user, who by means of deceit gives the criminal his keys. Massive attacks on these platforms are not as common as other ransomware (data hijacking), which are more aimed at companies, ”highlights Andrés Cajamarca, Fortinet Engineering Manager for Colombia.

The main way to steal accounts from streaming is phishing, which consists of a deception technique in which the attacker uses messages through digital channels to manipulate the victim and make him reveal private information. In this case, the cybercriminal impersonates an entity or company in which the user can have a subscription and sends a message notifying that it is a communication from the technical service reporting a failure.

“These messages follow a classic scheme of fraudulent communication: they inform the user of any problem, benefit, update or gift related to their account, and to receive or solve it they must follow the instructions detailed in the message. These may include downloading some malicious file or entering a fraudulent site where the user will be prompted to enter their credentials, ”explains López.

The means that criminals use to send these attacks are instant messaging applications, such as WhatsApp, email and text messages.

When the attacker accesses the user’s access credentials, two scenarios can happen, says the Fortinet expert. The first of them is that when the person tries to enter their account, the platform notifies them that the password is incorrect and observes that when validating the generation of a new password the associated email is another, so there is no way to access the service .

In the other case, the victim continues to maintain the income, but the attackers expand the plans so that it can be accessed from more devices, which generates an additional cost to the user, and the creation of new profiles or consumptions within the page that does not correspond to those made by the account holder is observed.

To avoid falling into these types of attacks, the first thing to do is have a strong password, which combines letters, numbers and special symbols. This password must exceed 12 characters and must not be the same as the one in other accounts.

“Additionally, you must activate the double factor authentication, which is a one-time code sent to a cell phone or email, or biometric data, which prevents attackers from entering the victim’s account even if they have their password, ”says Martina López.

Finally, do not forget to activate the alerts corresponding to logins on new devices. Also check from the OTT platform configuration options of your preference which are the computers that are accessing the service and their IP addresses, which will help you to validate if there are third-party accesses in your profile.

