How Content Abuse is giving rise to online Frauds, explains SIFT – Disposable mail news


A report from Sift on ‘Content Abuse and the Fraud Economy’ explores the rising arena of online frauds and content abuse in 2020, detailing how content abuse tricks users for falling for the fraud and giving it an air of legitimacy.

The report also exposes a fraud ring in Russia that tested credit cards and wallets on e-commerce websites and posted false content.

Content Abuse 

The data used in the report came from 34,000 sites and with a survey of over 1000 users by Sift on Content Abuse.

Understanding the “Fraud Supply Chain: A Network of Content Abuse, Account Takeover (ATO) and Payment Fraud” –

As a market works on a proper chain of demand and supply similarly these fraud rings have a proper network where content abuse works as a bridge between Payment fraud and account takeover.

Account Takeover exposes financial credentials and includes stolen cards and debits or wallets that can be used for performing payment fraud whereas content abuse works as a cushion and bridges account takeover and payment fraud. It convinces users to share details or send money through fake messages, reviews, phishing, or romance scams. Payment fraud then is the goal of the above two where buying and selling could occur via the cards and info collected by Account Takeover and Content Abuse.

 According to the report fake content can be found in plenty on the Internet and the numbers are shocking. Consumers find 70% of content on social media fake, 40% on classified, 21% on travel sites, and 15% on Job Boards.

 The Bargaining Bear

Sift’s data science team in June also discovered a fraud ring on an e-commerce market place that exploited account takeover and content abuse to check the credentials of stolen debit cards and wallets to see if they worked and how much were they worth.

 “To test dozens of stolen cards, they “sold” the items to each other, after “haggling” those prices down to $1.00 USD— a typical price used to test hijacked payment details. Each listing was uncharacteristic for this marketplace, purchased on the same day, and included several fake reviews to strengthen the appearance of authenticity.”, stated the report. 

 The team working from Russia, made various sellers profiles (with the same IP address) and sold stuff at cheap prices and bought the materials themselves leaving fake content listings that gave a legitimate reputation to the seller for easy card testing.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

How To Watch Netflix, Prime, Hulu Content for Free in 2020 – 10 minute mail

Today at itechhacks, We are going to discuss How someone can watch premium content that is only available on Netflix, Prime, and Hulu for free without purchasing any subscription. The love for cinema and entertainment is a never-ending process. People try to squeeze at least one hour for entertainment daily. Imagine getting a one-stop solution for it? Let’s start.

How To Watch Netflix, Prime, Hulu Content for Free in 2020

The Watched App is the new solution for bringing a delightful smile on your face every day. So, without making any investment, you can enjoy features like Netflix in it, that too for free. You need a smartphone and a good internet connection to install the app on your phone.

Now, you can use the watched app as an excellent alternative to Netflix as well. Netflix is also good, but it is way too expensive when you are getting this multimedia browser for FREE. The watched app is considered as one of the best movie-watching apps.

Now, let’s get the information about its features, how it has crossed 1 million downloads in the play store.

READ MORE: 10 Best Laptops for Watching Netflix & Amazon Prime

Feature of Watched App:

  1. The most attractive feature is, it comes for Free. You can watch amazing movies, series for free.
  2. While logging in to this app, you will not see any advertisements (NO ADS).
  3. While experiencing lags, you just need to wait for 30 seconds to watch the movie with-out any instinctive reflex.
  4. Almost all the series and all the movies are available on the Watched app along with TV shows.
  5. You will get the subtitles while watching the movies and series.
  6. By using URL huhu.to, you can watch everything in this app (the HUHU.to code helps its users to unlock the contents uploaded in Netflix and other online streaming paid subscription services.
  7. Since 1900, you will be able to watch all the movies and series in this watched app.
    The shows for which you pay on Netflix and Disney+, but you will get watch it for free.

Those are the features that are attracting its users to use the Watched app a little more. It is really helping us to enjoy our quarantine days and definitely adding values to the love we have always given to the field of entertainment.

As we have got to know about the features of this Watched app, now let us move forward to its Pros and Cons while using it. Everything in this world has its useful and useless sides.

Let’s explore the pros and cons of the Watched app

READ MORE: Working Free Netflix Premium Accounts & Passwords 2020

Watched App (The Pros)

  • It is a free app (Free multimedia browser)
  • No advertisement running.
  • Almost all movies and series are available.
  • Subtitles are available in some of the movies and series.
  • With an updated version, you can download the movies as well.
  • Good Quality (Video Resolutions)

Watched App (The cons)

  • The main battle between you and this app is the server. You have to do a lot of things to play with the servers (Especially American servers).
  • Once it shows connection lost, it requires your enduring patience to get back to the movies and series you are watching (the genuine playback error).
  • In most of the things you love to watch, you will see the pop-up messages ‘there is an error’ or ‘nothing found.’
  • After every minute of watching, it starts freezing.
  • Language Problem (if you choose a different language, it shows a different language)
  • Most of the series have no streaming. As English is accepted as a global language, it requires most movies and series in English.
  • No option for selecting audio.
  • You can’t play this on TV.

Despite having its limitations, people are using and enjoying it. The reason is, it is available for free. If you want something for free, then definitely you need to struggle with the process. Especially when the matter is all about your daily entertainment, you can wait a little longer to connect with the servers as well.

Watch Netflix Content for Free

Step 1:  Download Watched App from Play store.

How To Watch Netflix, Prime, Hulu Content for Free in 2020

Step 2: Open the app and click on + at the top right corner.

Step 3: Type “‘huhu.to” and click on Continue.

How To Watch Netflix, Prime, Hulu Content for Free in 2020

Step 4: Search for any Netflix Content! Done.

READ MORE: How To Get Amazon Prime Video Accounts for Free

Fix Server Problem in Watched App

Now, let’s find solutions for the SERVER problem of the Watched app.

The main benefit you are getting from the Watched app is good content to watch for free. So, a little problem in connection error is viable. Here you will find some tricks to solve your problems while watching movies online on the Watched app.

  • Make sure you are using a good server so that you will not find issues while reconnecting it.
  • Use the URL huhu.to to get connected with the contents you want to watch.
  • The lag you will get, while you jump on the server in the full-length movies, you just wait there for only 30 seconds, and the rest of the movie you will be able to watch without any disturbances.

Try the above mentioned, and it will fix your server problem.

Conclusion:

As time goes by, you will be unlocking more new features of this app with a new interface. So, your duty is to update this app from time to time. New features like screen orientation to rotate and get the full-screen views will come soon in this watched app. Wait for sometimes to enjoy new features. All the bugs will be sorted out soon. You can install this app and enjoy your free time of quarantine days. This app will not let you feel down. You need a little patience!

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Safari in macOS Big Sur Works With 4K HDR and Dolby Vision Content From Netflix on Newer Macs

WWDC20 Rumor Report Card: Leaked iOS 14 Features, Arm-Based Macs, and More

WWDC was held online this year, but it was still packed with announcements, including iOS 14, iPadOS 14, macOS Big Sur, watchOS 7, tvOS 14, and Apple confirming its long-rumored plans to transition to its own custom-designed processors for future Macs. Sadly, there was no sight of a redesigned iMac, but that is still on the table for later this year.
With so many rumors shared every week, it …

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Explicit content and cyberthreats: 2019 report – 10 minute mail

‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most importantly, in terms of our digital content consumption. With users opting to entertain themselves online, malicious activity has grown. Over the past two years we have reviewed how adult content has been used to spread malware and abuse users’ privacy. This is a trend that’s unlikely to go away, especially under current circumstances. While many pornography platforms are enjoying an influx of new users and providing legitimate and safe services, the security risks remain, if not increase.

One of the key concerns that arises when it comes to adult content is the risk to privacy. Every passing year shows privacy is becoming an ever scarcer resource, with mobile devices becoming a popular new infection point. With data leaks happening more frequently than ever, abuse of privacy and its value has yet again become a popular topic of discussion, and a point of concern for many users who may have previously overlooked the issue altogether. The new reality shows this threat is real and quite tangible. Agreeing to a social contract that entails giving up your data in exchange for services, is now widely accepted in our society. It is, however, a completely different story if the data you had no intention of sharing ends up in the open. A situation like that can have devastating consequences and even put lives at risk. Our sexual preferences and sex life most probably top the list of things that we as a society still prefer to keep private, with 28% of users believing porn-related searches must be kept private. However, cybercriminals seem to think otherwise.

Recent news about data leaks relating to pornography confirm the trend. The OnlyFans leak of adult content created by sex workers, which is not only a source of income for them but also information that they did not choose to share publicly, is just one notable incident. This and other examples demonstrate how leaks lead to personal lives being violated, why it is harmful and may even be dangerous. The leak of over 1.195 million users’ personal information from a hentai pornography site is yet another example of how data not meant to be in any way exposed publicly was abused, putting numerous users at risk. Such incidents are happening more and more frequently, and the fault of the organizations that handle such data cannot be overlooked – too often user data is unsecured and unencrypted, despite being a tempting target for cybercriminals looking to make money.

But, of course, there’s more to it than that. To understand which threats await viewers of adult content we conducted the following research.

Methodology and key findings

To understand the risks that may be associated with pornographic content online, we researched several types of threats. We evaluated mobile and PC-focused malware disguised as adult content to see what kind of files users might be downloading and thus putting themselves at risks. We tested whether and to what extent violent content and adult dating apps are used by cybercriminals as a disguise for malware distribution. We examined the privacy aspect of adult content consumption and dangers associated with privacy breaches – from malware hunting for credentials to pornographic websites, to what kind of sex-related content gets leaked into the dark web. We also analyzed phishing and spam linked to porn and sex dating to see what kind of content users should be wary of. Using Kaspersky Security Network – the infrastructure dedicated to processing cybersecurity-related data streams from millions of voluntary participants around the world – we measured the number and type of threats users have encountered in recent years.

Additionally, we dived into underground online markets and learnt what kind of sex-related personal data is for sale and what kind of scams are discussed among the cybercriminal fraternity.

As a result, we discovered the following:

  • Mobile porn-related threats are growing, while PC-focused malware and potentially unwanted applications are becoming less appealing to cybercriminals. The number of mobile users attacked more than doubled from 19,699 in 2018 to 42,973 in 2019. By contrast, there was a drop in PC-based threats from
  • Cybercriminals strive for more flexibility when it comes to choosing the kind of malware to distribute – almost two out of every five users attacked by porn-related PC threats have been hit by Trojan-Downloaders (39.6%) that enable other types of malware to be installed later.
  • The number of users attacked by malware hunting for credentials to access pornography websites has dropped, while the number of the malware attacks continues to grow, increasing by 37% from 2018 to 2019 and reaching a total of 1,169,153 in 2019. This demonstrates the persistence of botnets in attacking the same users – a radically different picture to 2018.
  • Privacy becomes an even bigger concern for users when it comes to adult content. Things like leaked personal images and stolen premium subscriptions for pornography sites remain in high demand, with the theme of sex continuing to be used by cybercriminals as an easy way to make money.

PC threats

Malware is spread through the web – disguised as software updates or files, it is distributed across numerous websites all over the digital space. The distribution system is vital for malware. In the past, ‘black SEO‘ – a technique that enabled malicious sites to appear higher up in search results – was the most prevalent, but now that search engines have taken effective steps to hinder it, cybercriminals have turned to other channels.

Malicious software is often distributed via an affiliate network of websites that share pornographic content (we looked into a similar case, though on a less carnal theme, in one of our recent reports on Shlayer Trojan). Moreover, these websites can be created by cybercriminals using template pornographic websites – such services are freely available and their main aim is to create a source of income for the owners from advertising. With control of the content on a website where sextortion malware is distributed, cybercriminals can narrow down the victims to their target audience.

Legitimate websites can also be a source of threats, often unknowingly, with malicious links placed in the comments sections or through the use of malvertising. While the most popular online porn websites are well protected and rarely become a source of malware, this is not necessarily the case for many others. All in all, this shows that downloading anything from the web always comes with risks that have to be considered by any user.

Porn tags = malware tags

Pretty much any content that is in demand can be used as bait by cybercriminals, and this is especially true when it comes to online entertainment. Our previous research has shown that the best way to deliver infected files to victims’ devices is to disguise them as something that they are actually looking for. In the case of adult content, using porn tags has proven to be a popular method. ‘Porn tag’ is a term used to categorize the pornographic video genre. Each porn website has a dedicated page with porn tags and the number of videos available with these tags, reflecting the popularity of the content.

Previously, to determine how prevalent threats disguised as pornographic content were, we analyzed the 100 most popular tags. This showed a correlation between the popularity of porn tags and infected files under the guise of adult content – most malware is distributed under the guise of just a few of the most popular tags. This means it’s not necessary to analyze all 100 tags to understand the threat landscape. This year we limited the analysis to the 10 most popular tags – these we ran against our database of threats and Kaspersky telemetry. We selected the most popular tags based on information from the top three most visited porn websites, choosing those with the most videos uploaded.

The comparison between results for 2018 and 2019 showed that the number of users attacked by this threat has decreased, from 135,780 to 106,928, as did the number of attacks – from 148,419 to 108,973. This, however, does not signal that the threat has become less significant. The results showed a wide variety of files infected both by malware and not-a-virus threats – these included RiskTools, Adware and Downloaders. In fact, in 2019, 473 families of malware and not-a-virus threats belonging to 32 varieties were spread, slightly less than 2018 with 527 families and 30 varieties.

Unique files distributed, the number of users affected and the number of detections of malicious files masked as adult content for PCs in 2018 and 2019. Source: Kaspersky Security Network (download)

Looking at the threats that attacked most users, we see a growth in the share of Trojan-Downloaders – a type of malicious software capable of downloading any other software after installation of the Trojan on a device. Two out of every five users (39%) that downloaded malware under the guise of porn-related content were attacked by this threat. Trojan-Downloaders enable attackers to adapt their strategy and target infected users with whichever malware they deem most effective and profitable.

Once launched, the Trojan-Downloader.Win32.Autoit.vzu distracts the user with the desired video while simultaneously trying to covertly download and launch another malicious file on the infected device

Other types of Trojans are also a popular choice for cybercriminals, followed by not-a-virus threats such as Downloaders and Adware. It’s important to note that Trojan-Ransom and Backdoors, relatively dangerous threats, still remain in the top 10. These threats have been decreasing for a while, but we see that they have not been rendered obsolete. In particular, ransomware that spreads via porn-related docs is more likely to be targeted activity focused on users that view illicit content and wouldn’t want anyone to find out about it.

Top 10 classes of threat that went under the guise of porn-related categories by the number of attacked users in 2018 and 2019. Source: Kaspersky Security Network (download)

A closer look at the most popular detection names demonstrates that the difference between the most prevalent threats in 2018 and 2019 is very minor. Downloaders became even more popular due to their aforementioned flexibility, accounting for six of the top 10 detections in 2019. Adware and not-a-virus Downloaders also remained widespread.

Top 10 detection names for threats disguised as porn-related content, by the number of attacked PC users, in 2018 and 2019. Source: Kaspersky Security Network (download)

Credential hunters

In the digital age, virtually anyone is at risk of losing personal information, particularly valuable credentials. In order to automate the gathering of this information, cybercriminals use credential hunters – a type of malware, whose purpose is to steal login information from various websites and services. We track this sort of malware using our botnet-tracking technology, which enables monitoring of active botnets, gathers intelligence and prevents emerging threats.

Once installed on a PC, this malware can monitor web pages that are opened or create fake ones prompting the user to enter their login and password credentials. This technique is most often used for stealing banking details, though porn sites have not been immune to this malicious activity either.

The dynamics of botnet activity in relation to porn content over the past three years shows a curious tendency – it drew more interest from various groups in 2018, but started declining in 2019, even though the overall number of attacks continued to grow. This is reflected both by a significant decline in the number of users affected by botnets that stole porn accounts in 2019, as well as a decrease in the variety of botnets used to hunt for credentials. For instance, in 2017 only three malware families hunted for porn-related accounts; in 2018 the number grew to five families, while in 2019 it dropped to just one named Ramnit. This further confirms that at some point in 2018 more actors engaged in stealing password credentials from porn sites, but for some reason their interest waned in 2019.

The number of attacked users and detections of attacks by botnets hunting premium porn accounts, 2017-2019. Source: Kaspersky Security Network (download)

The number of sites affected in 2019 remained the same as the previous year – pornhub.com and xvideos.com, both among the top three most visited porn sites according to similarweb.com statistics in 2020, were targeted in 2019. As attacks consolidated into the activity of just one family, the number of users affected also dropped by 65% from 110,000 in 2018 to 38,846 in 2019. Nevertheless, the number of attacks continued to grow, increasing by 37% from 2018 to 2019 and reaching a total of 1,169,153 attacks, showing the persistence of botnets in attacking the same users.

Overall, we can conclude that even though less cybercriminals demonstrated an interest in credential hunting from porn sites, the threat is still real and focused only on the most visited sites, reflecting the cybercriminals’ understanding of potential demand for credentials on the black market.

Mobile threats

To learn more about mobile threats related to illicit content, we checked all files disguised as porn videos or adult-content installation packages for Android in 2018 and 2019. While we still used porn tags as a filtering criterion – as we did for the analysis of PC-based threats – the methodology was slightly different. We ran 200 popular porn tags against our database of threats in order to gain the fullest insight into porn-related mobile threats. The analysis showed results for 105 tags in 2018 and for 99 tags in 2019, demonstrating that not all porn attracts cybercriminals. Even though less tags were used to spread malicious files disguised as porn, in 2019 the number of users attacked by porn-related malware and not-a-virus threats grew two-fold, reaching 42,973 compared to 19,699 users attacked in 2018.

We also separately ran 40 ‘violent’ porn tags against the same database of detections on Android devices. The violent category included a variety of tags associated with sexual violence against another person. The hypothesis was that more unusual porn tags might demonstrate a disproportionally higher level of malicious activity. However, the results showed that these tags are hardly used for spreading malware, with 270 and 133 attacked users in 2018 and 2019 respectively.

Analysis of the types of threats distributed via such porn-related files demonstrated a slight growth in their variety – in 2018 we found 180 malware and not-a-virus threat families belonging to 20 classes of threats, while in 2019 the numbers were 203 and 20 respectively. Adware, software that’s used to show and redirect users to unwanted advertising pages, remained in first place in terms of variety, with a fifth (19%) of malicious files being AdWare installers. Not-a-virus: RiskTools and Trojans remained among the top three types of threat both in 2018 and 2019, even though their proportions have changed slightly.

Top 10 types of mobile threat that make up the variety of porn-related categories, in 2018 and 2019. Source: Kaspersky Security Network (download)

The proportion of Trojan-Bankers, which hunt for banking cards and other payment credentials, dropped from 7% to 5%. Overall, however, we can see that the types of threat distributed under the guise of adult content has hardly changed in terms of variety.

Looking deeper into the types of threats and how widespread they are, we can see that most users have been targeted by adware detected as AdWare.AndroidOS.Agent.f. This was true for 2018 when 39.23% of attacked users were targeted by this threat, and for 2019 with 35.18% of users attacked by it. Furthermore, six of the top 10 porn-related threats for mobile users were adware in 2018 and seven in 2019. This further confirms that the popularity of adware continues to grow.

Top 10 detection names that represent porn-related categories, by the number of attacked mobile users in 2018 and 2019. Source: Kaspersky Security Network (download)

This type of threat is typically distributed through various affiliate programs whose purpose is to earn money per installation or per download of malicious applications by victims, a method we mentioned in earlier sections.

Overall analysis of the prominence of various types of threats shows that although downloading porn-related content from untrustworthy sources typically leads to infection with adware, more serious threats, including backdoors, spyware and ransomware, can still end up on the devices of unwitting users.

Although adult dating is a topic of interest for cybercriminals (see the Phishing and spam section), creating malicious applications that pretend to be sex dating apps doesn’t appear to be worth the effort. This year we analyzed a variety of threats distributed under the guise of popular sex dating applications. Sex dating apps, unlike regular dating apps, are focused on finding a date for a sexual encounter, meaning such apps have a much clearer targeted audience.

We were interested in seeing whether cybercriminals use popular brand names of sex dating apps in order to distribute malware or not-a-virus threats. The number of attacked users, however, turned out to be miniscule – just 32 over the whole of 2019. This is many times less compared to regular dating apps such as Bumble or Tinder, thus proving that malicious files under the guise of sex dating apps are rarely a source of threat to users. This could be due to the fact that downloading such apps involves greater privacy concerns and is therefore carried out with more attention to the legitimacy of the resource.

Our research found that malicious samples of apps used the names of the following brands: Grindr, Down Dating and Tingle. It’s important to note that the malicious software is no connected in any way to the actual sex dating apps and only uses their brand name to trick users.

Detection name %
not-a-virus:UDS:AdWare.AndroidOS.MobiDash.z 55,17%
not-a-virus:HEUR:AdWare.AndroidOS.MobiDash.z 51,72%
HEUR:Trojan.AndroidOS.Hiddapp.ch 10,34%
HEUR:Trojan.AndroidOS.Hiddapp.cg 6,90%
not-a-virus:HEUR:AdWare.AndroidOS.Mobidash.aj 6,90%

 Top 5 detection names for mobile threats pretending to be adult dating apps in 2019. Source: Kaspersky Security Network

Phishing and spam

Phishers and spammers are also not averse to using the porn theme. Our content-filtering technologies give us an insight into the kind of porn-related spam and phishing that users are targeted with, as well as enabling us to protect those users.

It’s important to note that the phishing versions of websites are not connected to the original platforms in any way. Cybercriminals copy the websites, often replicating them down to the smallest detail, making it hard for an unwitting user to tell a phishing page from an original. To make the websites appear as trustworthy as possible, fraudsters usually opt to copy the most popular platforms that are widely recognized by users, such as Pornhub.com, XNXX.com and several others. Such phishing websites are generally blocked by search engines and are therefore usually reached via phishing or spam emails, malware or malicious frames redirecting users to compromised websites or malvertising.

The most common goal of these phishing pages is to gather the personal information of users – their credentials and contact details, which can later be sold or used for malicious purposes. Certain websites employ social media authorization for access to the website – this is done to confirm that a user is over 18. Cybercriminals replicate these authorization pages, so they can get their hands on users’ social media credentials when then log in.

This phishing page replicates the authorization page to Pornhub through a popular social network. Once a user logs in, their social media credentials are stolen by the fraudsters

Pornographic phishing pages are also used to spread malware – once a user starts playing a video, they receive a notification that a video player update is required. The downloaded program, however, is in fact malware.

This phishing copy of the popular XNXX.com site mimics the legitimate website’s homepage and is practically impossible to differentiate from the original

Other phishing schemes target e-wallets and credit card credentials. In such cases the victim is lured to pornographic websites to watch a video that is only accessible if the user registers and provides their payment details.

Spam scam

For a few years we didn’t see much activity in terms of pornographic or sex-related content in spam, but then in 2019 the situation changed. Spam emails usually don’t focus on promoting pornographic content as such, but they are used to lure users to phishing sites using social engineering techniques, extort money or simply to advertise sites with explicit content.

The most common type of spam is that focusing on sex dating. Users receive emails allegedly from lonely ladies who invite them to chat on a website. The user is then directed to a new sex dating website with bots pretending to be attractive women, who then coax money from the victims for various content, such as erotic photos or premium access to the website. Cybercriminals also ask users to share their credit card data in order to ‘confirm their age’. Needless to say, this credit card data will later be used or resold on black market forums.

Emails dedicated to sex dating can either look like advertising or messages sent directly from women

This sex dating app interface shows various dialogues from bots pretending to be attractive women

Users are asked to share their credit card details that will be used to activate an allegedly free membership on the site

We have also seen the spread of spam promoting web porn games, with samples of emails advertising platforms where users can play 18+ games, such as 3D porn arcades, and watch explicit content that actually does lead to genuine websites. The main purpose of these spam emails is to advertise the availability of such content.

The email above advertises a website hosting 3D porn games

One of the darkest and possibly most harmful types of sex-related spam is blackmail or ‘sextortion scams’, which have been used by cybercriminals for over three years. We saw the rise of such emails in 2018 with the email content becoming more and more sophisticated. The trend continued in 2019, with new variations of the scams popping up across the web.

The scheme usually works as follows: users receive emails from scammers that claim to have hacked their computers and recorded them watching porn. The emails claim that the threat actor has contact information for friends and family as well as the social media credentials of the users that the actor will use to spread a video of the victim recorded via webcam. The cybercriminal also lists the technologies he allegedly used to gather information about the user to make the email sound more convincing.

In order to lend further legitimacy, the extortionist will claim to have personal information about the user, for instance, their password. The scammer may even cite a password that is allegedly used by the victim. For this purpose, cybercriminals often make use of databases purchased on the dark web. Because users often have the same passwords for different websites, it can be easy to convince victims that their devices have been compromised, even if the password doesn’t match a specific account. Having scared the victim into believing their reputation could be ruined, the scammers demand payment in bitcoin and even provide basic instructions on how to transfer the money.

This sextortion email demonstrates how cybercriminals try to convince a victim that they have been hacked

Last year the industry also saw variations of these scams: emails were distributed in a different language and the bitcoin number was split in two, so that detection systems wouldn’t identify it as spam. Another social engineering trick – convincing the victim that the girlfriend of one of his friends was compromised and blackmailed, but refused to pay – prompts the user out of sheer curiosity to click on malicious attachments in the emails that then download malware. This shows that the cybercriminals continue to adapt their schemes, taking into account developments in security measures and user behavior.

The dark web and beyond – a peek into the market behind the curtain

The dark web is the go-to place when it comes to understanding how the cybercriminal market operates. Various forums are used for the sale of malware, personal data, and the exchange of knowledge, often, quite practical. They also reflect the market value of stolen personal data. The sale of data is like any other business and the way it is organized resembles regular marketplaces, with guarantees from the sellers, a variety of choice and competitive pricing.

An example of a post made in 2019 on a forum offering stolen accounts for a very low price and providing pricing recommendations for resale

Premium adult website accounts, which we addressed in the Credential hunters section of this report, end up on dark web marketplaces where they are sold both in bulk and individually at low prices – starting from as little as US$0.50 per account. The accounts are usually resold at surface web platforms for up to US$5-10, with sellers even recommending prices for the resale of individual accounts. Furthermore, the buyers of stolen accounts often get a lifetime guarantee that the accounts will continue to work and remain accessible, with an option to replace those that become unavailable. The examples below demonstrate how widespread this practice is – on one forum alone we saw 210 offers of stolen accounts.

An example of an illegal forum that contains 210 offers of porn-related accounts for sale

Stolen accounts, somewhat ironically, are often purchased by individuals who care about their privacy and don’t want their personal information such as credit card data or email addresses revealed. Buyers often pay with cryptocurrency, thus remaining completely anonymous.

An example of an advertisement selling stolen Pornhub premium accounts on a regular forum for a low price. Buyers are offered discounts for buying in bulk

Premium porn site accounts are not the only adult content sold on the dark web and illegal forums on the surface web. A glimpse into the dark web market showed the twists and turns a data leak can take when the exposed content is sensitive. In the past year we have seen numerous cases of private adult content sites leaking content created by webcam models, along with their personal details, devastating the victims. But the creators of adult content are not the only ones at risk. While celebrities are the intended targets of such leaks, regular users may also see their private images end up on the web.

While databases of nude images are often available for free (with a donation-based support system for the publisher), some adult image content, including leaked personal images, is sold, albeit quite cheap – for as little as US$2.00 for a collection. This is the price tag cybercriminals put on the private lives of thousands of individuals, underlining a disturbing tendency that places little value on users’ personal data.

This screenshot showcases collections of nude images, both leaked and collected, sold for as low as US$2.00 per collection

This website offers to download sex tapes and nude content of various celebrities for free

Another disturbing trend that we have seen on the dark market is the extension of malware-as-a-service concept, with ready-to-use packages of content and instructions created for fraud. While in the past hackers may have exchanged information on how to trick users or skim cards, now some offer their expertise in other fields, including money extortion from victims interested in sex or simply human attention, albeit intimate.

For instance, in the example below a user offers a full sextortion package with instructions for new users. The package has been created for fooling users into believing they are talking to a real girl and as a result extorting money from them. It not only includes images and videos of a supposed model, which certainly lends more credibility to the trick, it also contains instructions on how to use it to make money – according to the ad, suitable “both for experienced and beginner user”. As a bonus the seller offers access to various porn accounts and certain gifts, and on top of that, shares information about fraud tutorials that the seller has created.

An example of an extortion package sold on the dark market

The seller goes as far as describing the value of his package and providing tutorials on how to use his product

We have seen blog posts where cybercriminals share their experience of creating and distributing various malware, including sextortion ransomware. For instance, one of them described a process for creating and distributing mobile ransomware focused on sextortion. An app would use a frontal camera to take a picture of a user and, accusing one of watching illicit content, would threaten to distribute the user’s photograph along with screenshots of the content they were watching unless the victim pays. Sound familiar? That’s because the method has been around for years, and is unlikely to go away – as long as there are unprotected and vulnerable users, there will always be someone taking advantage.

Conclusions and advice

The overview of porn-related threats allows us to draw a few substantial conclusions. While we have not seen many changes in the techniques used by cybercriminals, statistics show that this topic remains a steady source of threats. Although PC malware distribution has been dropping – a trend that we have seen lately for a variety of threats – mobile malware is on the rise. With users increasingly using mobile devices for more tasks than ever (and that includes different types of entertainment), it is likely that cybercriminals have responded to this trend. While we cannot confirm a correlation, significant changes in the number of users affected both by PC and mobile malware relating to adult content allows us to at least theorize that this is one of the reasons for the change.

Another important conclusion to draw attention to is that of abuse of privacy. While some users have taken their privacy to a new level by anonymously purchasing online accounts, others remain at more risk than ever of compromising their data. Both the leaks we have seen in the media in the past year and the availability of personal or private information on the dark market for minimal sums suggest that the risks to users are increasing. With cybercriminals able to cross-reference various leaked databases of users, they are able to make more informed decisions on who to target and how, making sextortion and scamming more effective. More than ever, users need to take serious steps to protect themselves by applying advanced security measures and educating themselves on handling their data on the web and evaluating what risks exposure entails.

To consume and produce adult content safely, Kaspersky advises the following:

For consumers:

  • Pay attention to the website’s authenticity. Do not visit websites until you are sure they are legitimate and start with ‘https’. Confirm that the website is genuine by double-checking the format of the URL or the spelling of the company name and try looking for reviews of sites that seem suspicious;
  • If you want to buy a paid subscription to an adult content website, only purchase it on the official website. Double-check the URL of the website and make sure it’s authentic;
  • Check any email attachments with a security solution before opening them – especially from dark web entities (even if they are expected to come from an anonymous source);
  • Patch the software on your PC as soon as security updates for the latest bugs are available;
  • Do not download pirated software and other illegal content. Even if you were redirected to the webpage from a legitimate website;
  • Check application permissions on Android devices to see what your installed apps are allowed to do;
  • Do not install applications from untrusted sources, even if they are actively advertised, and block the installation of programs from unknown sources in your smartphone settings;
  • Use a reliable security solution with behavior-based anti-phishing technologies – such as Kaspersky Security Cloud to detect and block spam and phishing attacks. The solution also incorporates the Permission Checker feature for Android that helps users identify potentially dangerous or questionable requests made by the downloaded app, and explain the risks associated with different types of common permissions.

For businesses:

  • Educate employees on the risks of reckless online behavior – both for themselves and for the business. Schedule basic security awareness training for your employees, such as Kaspersky Automated Security Awareness Platform that covers email security and internet security, among other essential practices.


Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

YouTube Rolls Out ‘Chapters’ Feature to Mark Specific Content in a Video

HBO Max Now Available on Apple TV and iOS Devices

HBO Max launched today, and is now available on Apple TV, iPhone, and iPad. WarnerMedia’s new streaming service, which replaces HBO Now, combines HBO content with shows and films from Warner Bros and Turner TV.
The service is available as a native app on the ‌Apple TV‌ HD and ‌Apple TV‌ 4K, but second and third-generation ‌Apple TV‌ owners will need to AirPlay HBO Max content…

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

‘BBC Together’ Service Lets UK Users Enjoy BBC Content With Others Remotely

The BBC has launched a new experimental online service that lets users watch or listen to BBC programs, prodcasts, and radio with others over the internet at the same time.


Called BBC Together, the online tool is available on Taster, the BBC’s experimental platform, which can be accessed via any web browser. The way it works is that one user finds the link of a program or video clip they want to watch with others – from BBC iPlayer, Sounds or Bitesize, BBC News and Sport websites – and then they paste it into the BBC Together service.

This creates a new group session, which can be shared via a link with friends or family. Each link can currently be watched by up to 50 participants, and the host user can pause, rewind, and fast-forward the content, or choose a new program for everyone to watch at once.

If the idea sounds familiar, you’re probably thinking of Netflix Party, an extension for Google’s Chrome web browser that lets users watch Netflix films and TV shows simultaneously. The service has seen a boost in numbers since the stay-at-home measures came into effect, so BBC Together could also prove a hit, although the Beeb says it’s still just a test run for now.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Apple Inks Deal With ‘Desperate Housewives’ Veteran Annie Weisman for Apple TV+ Content

Apple has signed a two-year content creation deal with writer and producer Annie Weisman, who has worked on “Desperate Housewives” and is the creator of upcoming Apple TV+ show “Physical,” reports Deadline.


“Physical,” which stars Rose Byrne, is a dramedy set in 1980s Southern California. Byrne plays a quietly tortured housewife who gets into the world of aerobics. Weisman is showrunner on “Physical” and she will also work on other projects exclusively for ‌Apple TV‌+.

Prior to inking a deal with Apple, Weisman was at Universal TV. In addition to “Desperate Housewives,” she also worked on “Almost Family,” “The Path,” “Suburgatory,” and “About a Boy.”

Apple has signed similar content creation deals with a number of high-profile writers and producers, including Alfonso Cuaron, Jason Katims, Lee Eisenberg, Justin Lin, and more. Details on Apple’s content deals and shows that are in the works can be found in our Apple TV Shows guide.

Top Stories

Camera Comparison: 2020 iPhone SE vs. iPhone 8 and iPhone 11 Pro

Apple last week launched its new 2020 iPhone SE, a low-cost $399 smartphone that features iPhone 8 components upgraded with the same A13 chip available in Apple’s flagship iPhones. We did a full hands-on video back on Friday, but we took the weekend to see how the iPhone SE’s camera measures up to the iPhone 8 and iPhone 11 Pro.
Subscribe to the MacRumors YouTube channel for more videos. …

iPhone 12 Lineup With OLED Displays Predicted to Start at $649, Breaking the $999 Barrier

Apple has never sold a new iPhone with an OLED display for under $999, but with the iPhone 12 lineup expected to include a wider range of models, that could soon change.
iPhone 12 pricing could start at $649 this year, according to Jon Prosser of the YouTube channel Front Page Tech. Prosser says this information comes from his same source who accurately revealed the new iPhone SE’s launch…

iOS 13.5 Beta Makes It Easier to Unlock an iPhone With Passcode When Wearing a Mask

Many people are wearing masks that cover their faces when going outside, visiting stores, and other tasks, and Apple’s Face ID iPhones do not unlock when the face is obscured by a mask.
In the iOS 13.5 beta, released this morning, Apple has streamlined the speed with which the passcode pops up when a person wearing a mask is detected, making it easier to get into an iPhone with a passcode…

PSA: iPhone SE’s Haptic Touch Doesn’t Work With Notifications and It’s Not a Bug

Customers who have purchased the new 2020 iPhone SE have found a surprising missing feature – Haptic Touch does not work with notifications.
On the 2020 iPhone SE, long pressing on a notification in the Notification Center or on the Lock screen does not appear to bring up rich notification options to allow iPhone SE users to interact with incoming content. Rich notifications accessed with …

Report Revives Rumors of 5G iPhone With Under-Display Ultrasonic Fingerprint Scanner

Economic Daily News on Monday revived rumors that this year’s 5G iPhone will feature under-display fingerprint scanner technology. According to a machine translation of EDN’s Chinese-language report, touch panel maker GIS, OLED display maker BOE and Qualcomm are collaborating on the ultrasonic technology, which could feature in at least one of the high-end models in Apple’s 5G iPhone…

DisplayPort 2.0 Now Compatible With USB4, Supports Up to Two 8K Displays or One 16K Display

VESA today announced that it has released DisplayPort Alt Mode 2.0, paving the way for future USB4 devices to support DisplayPort 2.0.
Announced in June 2019, DisplayPort 2.0 has a max effective bandwidth of 77.4 Gbps, nearly triple that of DisplayPort 1.4. The new standard enables support for displays with up to 16K resolution, higher refresh rates, HDR support at higher resolutions,…

Newly Discovered macOS Image Capture Bug Can Fill Up Hard Drives With Empty Data

A bug has been discovered in Apple’s macOS Image Capture app that needlessly eats up potentially gigabytes of storage space when transferring photos from an iPhone or iPad to a Mac.
Discovered by the developers of media asset management app NeoFinder and shared in a blog post called “Another macOS bug in Image Capture,” the issue occurs when Apple’s Mac tool converts HEIF photos taken by iOS…

Report Details How Apple and Google Developed Contact Tracing API

Apple and Google developed their upcoming COVID-19 contact tracing tool in record time, according to a new report from CNBC that details how the two companies came together to create the API.
It took Apple under a month to flesh out the project, and in the beginning stages, it was the work of a handful of employees who had started brainstorming a solution to help prevent the spread of…

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Plex’s Ad-Supported Free Video on Demand Feature Gains Content From Crackle

Plex today announced that it is adding to its lineup of ad-supported free video content, introducing TV shows and movies from video entertainment service Crackle.


Crackle brings thousands of free movies and TV shows to Plex, which also includes content from additional partners such as Legendary, MGM, Lionsgate, Warner Bros., and more. Plex users will be able to watch TV shows like Hell’s Kitchen, Snatch, and Roseanne, along with movies that include Captain Phillips, Patriot Games, The Illusionist, and Failure to Launch.

For those who are unfamiliar with Plex, it’s an all-in-one media hub that organizes your entire library of content, from TV shows and movies to music, photos, and more. Plex also offers free access to news, web shows, podcasts, movies, and TV, plus it can even be used to stream live TV with a TV antenna.


Plex’s free media can be played on almost all platforms, including Apple TV, iPhone, and iPad, along with Roku, smart TVs, Android devices, and consoles. All that’s needed is the Plex app. More information on Plex can be found on the Plex website.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

A List of All Streaming Services Offering Free Content and Extended Trials

Multiple streaming services are offering free content options right now, providing a wealth of free-to-watch TV shows and movies on a temporary basis. Below, we’ve rounded up all of the watch-free deals that we’ve found so far, and this is a great list to check out if you need something to do this weekend.

Apple TV+

Many people who have purchased a new Apple product lately already have a complimentary one-year subscription to Apple TV+, but for those that don’t, Apple is offering several Apple TV+ shows for free, with content available through the TV app on iPhone, iPad, ‌Apple TV‌, iPod touch, Mac, select Samsung and LG smart TVs, and Amazon Fire TV and Roku devices.


Shows and movies that are free are listed below:

  • Dickinson
  • Ghostwriter
  • Helpsters
  • For All Mankind
  • Servant
  • Snoopy in Space
  • The Elephant Queen
  • Little America

This is approximately a third of the content on Apple TV+, and it excludes some of the most popular shows like “The Morning Show.” No subscription is required, but you will need to sign in with an Apple ID.

HBO

HBO is offering free access to many of its original TV shows, movies, and documentaries, with the content available sans subscription through the month of April using the HBO Go and HBO Now apps on iOS and Android.


Some of the free shows include “Barry,” “Big Little Lies,” “Silicon Valley,” “Veep,” “True Blood,” and “The Wire,” while free movies include “Small Foot,” “The LEGO Movie 2: The Second Part,” “Pokémon Detective Pikachu,” and more. A full list along with instructions is available on HBO’s website.

Free content from HBO is limited to those in the United States.

AMC Networks

AMC is offering free content that includes the first half of “The Walking Dead” season 10, along with BBC nature documentaries, Sundance movies, and free IFC programming like “Brockmire” and “Mystery Science Theater 3000.”

Free EPIX via Apple TV Channels

EPIX, a streaming service that offers a catalog of movies and TV shows, is currently free for those who access the service through the Apple TV Channels feature in the Apple TV app.


To get to the free content, open up the Apple TV app, choose “My Channels” and then select EPIX. EPIX will be free until May 3. The TV app is available on iPhone, iPad, ‌Apple TV‌, iPod touch, Mac, select Samsung and LG smart TVs, and Amazon Fire TV and Roku devices.

Showtime

Showtime is offering a one-month free trial, which will give people ample time to test out the service and watch some free TV shows and movies. It costs $10.99 per month after the one month trial, so make sure you set a reminder to cancel if you don’t want to subscribe.


You can sign up on the web or on platforms like the Apple TV using the TV app’s Showtime Channel feature.

CBS All Access

CBS’s All Access service is available for free for a one month trial period before the $5.99 to $9.99 per month fee kicks in. It offers access to all CBS television as well as live TV.


You can sign up for a free month of CBS All Access using the TV app’s CBS All Access Channel feature.

As with all subscription-based free trials, make sure to set a reminder to cancel so you don’t accidentally get charged if this isn’t a service you want to keep long term.

YouTube Originals

YouTube has made several of its original series available for free, with a list available through Google.

PBS Kids

For the time being, PBS Kids has updated its iOS app to remove the requirement that people create a login to watch content, so kids can watch through the app with no hassle. PBS Kids content is free.

Amazon Prime Now

Amazon is offering free access to some kids movies and TV shows without a Prime subscription, in an effort to keep children entertained. Several movies and TV shows are available through IMDB TV, an Amazon-owned service that offers ad-supported content.


Amazon Prime Video can also be accessed through a free one-month trial of Amazon Prime for those who have not yet had a subscription.

Sling Free

Sling TV is providing free SLING content through its apps and through the Sling TV website. Free content includes “Hell’s Kitchen,” “A Quiet Place,” “The Cabin in the Woods,” “Rick and Morty,” and more. No login or credit card is required to access content through Sling Free.

Hulu

For those who haven’t previously signed up for a free trial, Hulu offers 30 days to try out the service. Hulu also allows free trial periods for some eligible returning subscribers. Pricing starts at $5.99 per month after the free trial for the ad-supported service.

Netflix

For those who haven’t previously signed up for a free trial, Netflix offers 30 days to try out the service. Pricing starts at $8.99 per month after the free trial.

Quibi

Brand new short form streaming service Quibi is currently offering customers a 90-day free trial to test out the content. After the trial, Quibi costs $4.99 per month.

Other Services Offering One-Month Free Trials

Below, we’ve listed some other smaller streaming services that have free 30-day trial deals going on right now through the Apple TV Channels feature on the Apple TV. Some of these free trials are limited to the Channels feature, though others are also available on the websites for each service.

  • A&E Crime Central
  • Acorn TV (Use promo code FREE30 on website)
  • Arrow Video Channel
  • History Vault
  • Lifetime Movie Club
  • Noggin
  • PBS Living
  • Shudder (Use code SHUTIN on website)
  • Smithsonian Plus
  • Sundance Now (Use code SUNDANCENOW30 on website)
  • Urban Movie Channel (Use code UMCFREE30 on website)

Guide Feedback

Know of a streaming service offering an extended free trial or free content that we left out? Send us an email here and we’ll add it.

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.

Apple TV 3 Owners Report Issues Viewing YouTube Content

Apple Releases iOS and iPadOS 13.4.1 With Fix for FaceTime Bug

Apple today released iOS and iPadOS 13.4.1, minor updates that come two weeks after the release of iOS and iPadOS 13.4, major updates that introduced iCloud Folder Sharing, a new Mail toolbar, trackpad support for the iPad, and more.
The iOS and ‌iPadOS‌ 13.4.1 updates are available on all eligible devices over-the-air in the Settings app. To access the updates, go to Settings > General…

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.