The average price of a hacked streaming account on the dark web is around $12, according to a study by NordVPN.
The average prices for the most popular streaming platforms are Netflix at $9.68, Amazon Prime at $14.78, Disney+ at $16.56, HBO at $3.52 and Hulu at $10.21.
“The technique criminals often use for hacking streaming accounts is called credential stuffing,” Daniel Markuson, a cybersecurity expert at NordVPN, said in a statement. “Credential stuffing includes exploiting emails and passwords that were leaked in big data breaches. Once criminals get them, they try the same credentials for other accounts a person owns. Because many people have a bad habit of using the same credentials for most of their online accounts, this usually works out.”
According to NordPass, the most popular passwords that consumers use include “123456,” “password” and “12345.”
How can consumers tell if their streaming account has been hacked?
The hack is easy to notice if the credentials get changed. Hackers can change a user’s email address and password to take over accounts and later sell those credentials on the dark web. In situations like this, when a user can no longer log in to their account using the credentials they used before, it is best to contact the service provider to regain control of the account, according the NordVPN.
In some cases, hackers will gain access to an account and leave the credentials alone in the hopes that they can keep using an account without the owner knowing. They could also sell those credentials so that their client on the dark web can use the account. In this situation, it’s important to keep an eye out for strange viewing activity on the account, according the NordVPN.
“Streaming accounts are easy to restore if they get hacked, but they can give out information about their customers for cybercriminals to use in the future. So it is better to be safe than sorry and protect all of your accounts in advance,” Markuson said in a statement.
Some protective tips include:
- Use lengthy, complex, and unique passwords for every online account you have. Better yet, employ a password manager that can generate strong passwords and store them for you in one safe place.
- Go through the privacy settings of your online accounts to check if you can make them even more secure. Invoke all recommended security settings and enable two-factor or multi-factor authentication where possible.
- If one of your online accounts gets affected by a data breach and you use the same or similar passwords anywhere else, change them immediately to protect them from getting hacked too, exposed on password dumps, or used in credential-stuffing attacks.
- Stay alert and check your accounts for suspicious activity. If you notice something unusual, report the incident to the service provider. Suspend your account, or better yet, delete it and create a new one.