Streaming credentials are the new gold in the cyber underground, and cybercriminals are cashing in, by using your favorite shows, anime, and blockbuster films as bait.
A new report from Kaspersky reveals a troubling spike in phishing and malware campaigns that exploit pop culture to lure users, especially Gen Z, into compromising their devices and handing over credentials.
Attackers are using familiar entertainment brands to drop malware, steal login details, and resell streaming accounts on the dark web at bargain-bin prices.
In 2023 alone, Kaspersky blocked nearly 10 million phishing attacks related to streaming services and 4.2 million attempts to download malware disguised as popular movies and TV shows. The message is clear: threat actors are meeting younger users where they are, online, on social platforms, and immersed in entertainment culture.
A Persistent Trojan Horse
Anime titles continue to top the list of lures in malware campaigns. Naruto, Attack on Titan, One Piece, and Demon Slayer were among the most exploited franchises in 2023. Even older titles like Bleach remain magnets for malicious activity.
What makes anime such a popular vector? It’s a potent combination of loyal fanbases. It enjoys high engagement on social media. And it has early access to new episodes and films, often through unofficial sources.
Attackers capitalize on this by packaging malicious tools into seemingly legitimate downloads, and by using enticing thumbnails and forged website branding to create a convincing façade.
Kaspersky says Naruto alone accounted for more than 3,000 malware-related incidents, while Attack on Titan and One Piece were used in thousands of phishing attempts aimed at tricking users into clicking fake download links.
Fake Streaming and Spoofed Merch Stores
Streaming platforms such as Netflix, Prime Video, and Disney+ remain high-value targets. Phishing pages mimicking these services proliferate across social media, offering fake login portals that harvest credentials. Once stolen, these credentials are resold in bulk on darknet forums, often for as little as $1 per account.
But the schemes are evolving.
Threat actors are now building entire fake online stores claiming to sell “official” merchandise tied to popular movies and anime. These stores often appear around major releases (like Inside Out 2 or Spider-Man: Across the Spider-Verse) and promote limited-time offers on TikTok, Instagram, and YouTube.
Once a user enters their payment information, it’s game over. No merchandise arrives, but their card data is likely resold or used for fraudulent purchases.
Gen Z in the Firing Line
This strategy is not random. It’s tailored for Gen Z.
Kaspersky’s findings show that cybercriminals are increasingly designing campaigns that appeal to the consumption habits and online behavior of digital-native users. Gen Z tends to rely heavily on social media for news and entertainment, uses streaming platforms daily, and often seeks out early or “leaked” content from unofficial sources.
This makes them uniquely vulnerable to clickbait headlines, fake trailers, and download links disguised as early movie releases. And it’s working. From the Shrek franchise to anime’s biggest names, attackers are finding reliable success using entertainment-themed lures to infect devices and steal credentials.
What to Watch For
The seasonal spikes are telling. Major releases usually coincide with a surge in phishing campaigns. For instance, in June 2023, timed with new film releases and the start of summer, Kaspersky saw a noticeable jump in phishing pages and malware downloads related to animated movies and anime series.
Users should be cautious of:
- Websites offering free or early access to new movies or shows
- Social media posts that link to external download pages
- Online stores with unusually large discounts on merchandise
- Requests to enter streaming login credentials outside of official apps or platforms
Kaspersky recommends using trusted sources, keeping devices updated, and deploying security tools that detect phishing attempts in real time.
Don’t Ignore Red Flags
Nivedita Murthy, senior security consultant at Black Duck, says, “Users of popular streaming platforms are the perfect targets for phishing and drive-by malicious apps downloads. These users may ignore typical red flags in emails or websites while trying to access the latest episodes of their favorite series.”
She advises users to be suspicious of any email that asks for credit card information or logins, or if the offer seems too good to be true. “Always use trusted and verified websites to access any items, especially on platforms that ask to collect your personal information or banking information. Even clicking on a link could result in malicious software being downloaded in the background of a device.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.