Top 4 Digital Threats to the Media and Entertainment Industry

For the media and entertainment industry, public platforms represent opportunities for promotion, profitability and notoriety. With streaming services, online ticket sales and digital entertainment at an all-time high, media agencies and the talent they support rely on social media to build online fandoms, web marketplaces to sell tickets to events and websites to promote and deliver content. Cybercriminals have recognized the opportunities that online platforms represent for celebrities, sports teams, and the media and entertainment industry as a whole, and seek to exploit their market presence and revenue potential. 

Through offensive and threatening content, pirated goods and counterfeit tickets, account takeovers and impersonations, bad actors engage directly with unsuspecting fans and consumers in a way that they previously could not. The media and entertainment industry must now confront these threats in order to protect their fanbases, revenue and reputation as well as safeguard the high-profile individuals that they employ, and who are often the targets of these attacks.

The ZeroFox Alpha Team released the latest Media and Entertainment Digital Threat Report focused on top threats facing the industry. The top attack tactics targeting this industry can be broken into four main categories, including sensitive content, cyber attack chatter, information exposure, impersonations and account takeover, and pirated content and counterfeit goods.

Sensitive Content

Offensive, threatening and profane content is one of the largest threats facing media and entertainment agencies that are looking to build positive online communities and digital experiences for fans. Explicit, violent or sensitive content sharing can put high-profile individuals, such as athletes, celebrities and other VIPs at digital and physical risk, while also damaging reputation.

70% of identified threat activity facing the media and entertainment industry is related to sensitive content. Media and entertainment brands are frequently targeted with offensive content – explicit posts, negative sentiment, violence and controversy. Since reputation and fandom is so important to revenue streams, media and entertainment brands need to understand what is being said about their brand, content and talent online.  

Cyber Attack Chatter

Attackers frequently use surface, deep and dark web chatrooms and forums to plan attacks, choose targets and sell hacking services. This chatter can become useful intelligence for media and entertainment agencies looking to thwart attacks on talent, fans and brand before they occur. Early warning of stolen credentials, account hacking attempts and impersonations is necessary to protect media brands and talent alike. Within the media and entertainment industry, ZeroFox identified 450,000 incidents related to cyber attack chatter within the specified time period. 

Information Exposure, Impersonations and Account Takeover

Media and entertainment agencies have an obligation to protect their talent from credential compromise, PII leakage and more. High-profile employees, such as celebrities and athletes, pose a particular vulnerability for agencies, as exposed credentials often give an attacker access to accounts that can then be used to target the organization and the larger fanbase. Impersonations, on social media, domains and other digital platforms, often serve as the foundation for broader digital attacks. Attackers exploit the popularity and awareness of celebrities and well known brands in order to conduct attacks such as phishing, harvesting user credentials, defrauding, and otherwise taking advantage of vulnerable fans. Fake accounts on social media are often used to engage legitimate consumers to encourage information sharing and fraudulent purchases. In the time period covered, ZeroFox identified over 125,000 instances of compromised credentials and PII exposure for our Media and Entertainment customers. 

Figure 1. Sample of account credential sales on social media

Pirated Content and Counterfeit Goods

Fraudsters looking to capitalize off popularity and brand recognition create and sell fake versions of legitimate goods, such as fake tickets. These fraudulent products are then sold on legitimate sites as well as on malicious sites, in conjunction with domain-based attacks. Counterfeit and pirated content not only steal revenue from legitimate retailers, but also damage brand reputation and customer trust. Last year, ZeroFox detected over 530,000 instances of pirated content and counterfeit goods on data sources monitored by our media and entertainment customers.

A recent example of this includes scams targeting streaming services, like the one shown below. Streaming media sites have spiked in popularity as the majority of the world goes on lockdown during the COVID-19 outbreak. Many of these sites contain pirated content, but some even contain malware that infects users seeking free entertainment. ZeroFox’s Alpha Team conducted in-depth research on these scams here.

Figure 2. Sample streaming service scam post on social media

Read the full Media and Entertainment Digital Threat Report

Read more about our findings, including detailed explanations of each attack tactic, where threats most often occur and who is most often targeted in the latest ZeroFox Alpha Team report. You can download the Media and Entertainment Industry Digital Threat Report here