Over 250,000 cyberattacks disguised as popular anime among other shows and streaming platforms favoured by younger audience were detected between Q2 2024 and Q1 2025. — Photo courtesy of Kaspersky

HCM CITY — Cybercriminals are increasingly exploiting Gen Z’s love for anime (Japanese animated film) and other popular streaming content to carry out cyberattacks, according to global cybersecurity firm Kaspersky.

The company found over 250,000 cyberattacks disguised as popular anime among other shows and streaming platforms favoured by younger audiences in the 12 months until the end of the first quarter this year.

Its researchers focused on five anime titles that are especially popular with Gen Z, Naruto, One Piece, Demon Slayer, Attack on Titan, and Jujutsu Kaisen, and found a total of 251,931 attempts to deliver malware or unwanted files disguised under the names of these anime titles.

Among anime titles, Naruto took the top spot, despite first airing more than two decades ago.

Over the reported period it was used as bait in 114,216 attempted attacks. Demon Slayer followed with 44,200 attempts, while Attack on Titan accounted for 39,433.

The cybercriminals often used bait such as “exclusive episodes,” “leaked scenes” or promises of “premium access” to lure fans into downloading dangerous content.

In addition to anime, Kaspersky also analysed five iconic films and series that continue to resonate with Gen Z: Shrek, Stranger Things, Twilight, Inside Out 2, and Deadpool & Wolverine.

These shows alone accounted for 43,302 attack attempts with a pronounced spike in attention to these titles from cybercriminals at the beginning of 2025. This is primarily connected to the rise of attacks on Shrek, with over 36,000 attempts in total and a sharp spike in March 2025, double the monthly average for 2024.

Streaming platforms themselves are also a frequent target.

Kaspersky recorded 96,288 attempts to distribute malware under the guise of major streaming services such as Netflix, Amazon Prime Video, Disney+, Apple TV Plus, and HBO Max.

These are central to Gen Z’s digital lives and provide cybercriminals with a constant stream of opportunities.

Netflix was the most impersonated service, with 85,679 attack attempts and over 2.8 million phishing pages designed to mimic its branding.

The most common tactics were fake login pages, fraudulent free trial offers and spoofed password reset emails.

Vasily Kolesnikov, security expert at Kaspersky, said: “As the world of entertainment continues to evolve, so do the tactics used by cybercriminals to exploit popular content, whether through fake downloads or fraudulent merchandise offers.

“From beloved anime like Naruto and Demon Slayer to the latest blockbusters like Inside Out 2, scammers have found new ways to take advantage of Gen Z's affinity for digital culture and streaming platforms.

“With the rise of these cyberthreats, it's more important than ever for young users to stay vigilant and understand how to protect themselves online.”

To raise awareness, Kaspersky has launched Case 404, an interactive online game that teaches cybersecurity skills in a fun and engaging way.

The company also recommends using legitimate streaming subscriptions, downloading apps only from official sources, verifying the authenticity of websites before entering personal information, avoiding suspicious file extensions, and using reliable cybersecurity software. — VNS