Your personal passwords for subscriptions to services like Netflix and Spotify are now being sold on the black market. What is most troubling is the fact that lifetime access is guaranteed to whoever is willing to pay the fee: less than $1, BGR reported.
Apparently, stealing and selling credentials to media streaming services is a very common practice for unscrupulous hackers. The marketplaces where these credentials are being sold can only be accessed on the Dark Web, a hotbed of illegal anonymous activity.
The nature of the Dark Web means that it can only be accessed via a special browser called Tor. Also, finding the marketplaces themselves could prove troublesome for total amateurs. Once inside, however, stolen HBO Now and HBO Go accounts can be bought for less than $10. Premium sports services would go under $15. Spotify accounts sell for less than $2.
What is interesting is the fact that the hackers can safely provide “guarantees” to their customers. Their lifetime subscriptions mean that the owner of the original account is not likely to cancel his or her subscription.
“I don’t want to call it a risk-free transaction but they try to make it as risk-free as they possibly can,” Intel Security CTO Raj Samani told Tech Insider. There are even help desks for users of these stolen services.
For the stolen Netflix service, hackers exploit the fact that people share their Netflix passwords quite loosely especially among friends and family. The other credentials for sale are based on stolen credit card information and account information.
It is quite easy to see if your account is being used for this kind of illicit service. You can check out this website haveibeenpwned.com that will tell you if your subscription credentials have been stolen. If this is not effective, your Netflix account can be used to verify your status. Strange movies in your Recently Watched movies is an automatic red flag.
You can simply go to your account page and select Sign Out of All Devices option. That, and a password change, should do the trick. You can also watch out for new viewer profiles that obviously mean a third party has access to your account.
A lifetime guarantee by hackers could mean your other personal data has been stolen as well. Change passwords to other online services, choose unique passwords for each, and check bank activity for any suspicious subscriptions.
