Links to leaked scenes even exclusive episodes are now circulating online. Blockbuster movie and anime titles including Stranger Things, Twilight, Deadpool & Wolverine, Naruto, One Piece and Demon Slayer can now be found. But beware. This content is not really exclusive footage. It’s bait. And you’re the intended victim.
That’s the new warning from Kaspersky, shared exclusively here for the first time. “Kaspersky has found over 250,000 cyberattacks disguised as popular anime among other shows and streaming platforms favored by younger audience.”
The team says “streaming is more than a pastime,” for Gen Z, “it’s a way of life.” Accessing this online content “provides connection to the characters, worlds and fandoms that define their identity.” The lures are simple. Pick a viral title and spice it up with some exclusivity and time-limited access, and the trap is set.
Anime has proven particularly effective for cybercriminals. More than 65% of Gen Z now “regularly watch anime, making them the most anime-engaged generation in history.” Kaspersky picked just five popular titles and found “251,931 attempts to deliver malware or unwanted files disguised under [those]
names.”
Anime is especially effective given the arbitrary nature of some of the websites fans visit, the lure of overseas content and the nature of the content itself. Naruto topped the list, “despite first airing more than two decades ago.”
Hollywood titles are a trickier lure, as such content is more likely to be seen as illicit and might trigger more wariness. But Kaspersky still found it was remarkably effective. Again, analyzing just five titles found “43,302 attack attempts with a pronounced spike in attention from cybercriminals at the beginning of 2025.”
Shrek in particular proved remarkably effective, out-luring more recent offerings such as Inside Out 2 and Deadpool & Wolverine. The research also found the streaming platforms themselves mimicked with malicious redirects and fake webpages. “Platforms like Netflix, Amazon Prime Video, Disney+, Apple TV Plus and HBO Max have reshaped movies, series, and anime watching,” but also cyberattacks.
Kaspersky found almost 100,000 “attempts to distribute malicious or unwanted files disguised as the names of these major streaming platforms. Unlike seasonal trends, streaming platforms offer a continuous flow of content, from highly anticipated premieres to hidden gems that viewers discover months or even years after release.”
Netflix topped the charts for cybercriminals aping brands, moving beyond content to free trials, password issues and security alerts. Just as with Microsoft, Google and other tech brands, the same account security warnings apply. Unfortunately, Netflix’s account security is much more basic than those others. There is no two-factor authentication or passkeys, so we’re just in long, unique password territory.
Kaspersky’s Vasily Kolesnikov warns that “as the world of entertainment continues to evolve, so do the tactics used by cybercriminals to exploit popular content, whether through fake downloads or fraudulent merchandise offers. With the rise of these cyberthreats, it’s more important than ever for young users to stay vigilant and understand how to protect themselves online.”
The team has issued a three-point guide to staying safe when you stream:
- “Always use a legitimate, paid subscription when accessing streaming services and ensure you’re using apps from official marketplaces or the official websites.
- Always verify the authenticity of websites before entering any personal information. Stick to trusted, official pages when watching or downloading content and double-check URLs and company name spellings to avoid phishing sites.
- Be cautious about the file extensions you’re downloading. Video files should not have .exe or .msi extensions — these are typically associated with harmful programs.”