New phishing scam campaign attacked Netflix subscribers

For some Americans who love spending evenings watching TV series and movies, the idyll of “Netflix and chill” might have ended pretty badly. A recent phishing scam[1] was aimed at Netflix subscribers. Victims received a fake email informing them that they needed to update their account information. The link provided in the message led to a forged Netflix website where victims were asked to enter their personal information. Even though all the phishing sites are down, it’s hard to tell how much damage this attack might have caused.

Netflix phishing scam

People were asked to enter not only their Netflix login information but also their full name, date of birth, address, credit card details, Social Security number and other sensitive information[2]. There’s no doubt that revealing sensitive information to cyber criminals might cause serious privacy issues and loss of money. Many computer users tend to use the same credentials for social media websites, email, and other online services. Hence, cyber criminals might take over other accounts as well. However, losing a Facebook or email account is the least of the problems. Criminals also collected information such as home addresses and Social Security numbers, and this might lead to robbery or identity theft[3].

Strong antivirus programs can usually detect scam websites and warn people about them. However, this time the crooks worked harder and used AES encryption to avoid phishing filters. The client-side HTML code was obscured so that text-based classifiers could not inspect the website content. According to Mohammed Mohsin Dalla[4] from FireEye, who spotted and analyzed the scam, the criminals hosted these sites on legitimate but compromised servers and did not display them to users whose IP addresses belonged to particular companies such as Google or PhishTank.
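
Because the page text is encrypted until the browser runs the script, a filter has to look at structure instead of wording. The following is an added example, not code from FireEye or from the original article: a static heuristic that flags pages with almost no visible text, a large high-entropy blob, a client-side decrypt call and a DOM write. The sample pages, the thresholds and the decrypt function names matched (CryptoJS and WebCrypto) are assumptions made for illustration.

```python
import base64, hashlib, math, re
from collections import Counter
from html.parser import HTMLParser

# Constructed sample input: the "ciphertext" is hash output, not a real payload.
_BLOB = base64.b64encode(
    b"".join(hashlib.sha256(bytes([i])).digest() for i in range(24))).decode()
ENCRYPTED_PAGE = (
    "<html><head><script src='aes.js'></script></head><body><script>"
    f"var d='{_BLOB}';"
    "document.write(CryptoJS.AES.decrypt(d,'k').toString(CryptoJS.enc.Utf8));"
    "</script></body></html>")
PLAIN_PAGE = ("<html><body><h1>Update your payment details</h1>"
              "<form><input name='card'></form><script>var x=1;</script></body></html>")

class _Split(HTMLParser):
    """Collect visible text and inline script source separately."""
    def __init__(self):
        super().__init__()
        self.in_script, self.text, self.script = False, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        (self.script if self.in_script else self.text).append(data)

def entropy(s):
    """Shannon entropy in bits per character (base64 ciphertext is close to 6)."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0

def analyze(html):
    p = _Split(); p.feed(html); p.close()
    script = "".join(p.script)
    blobs = re.findall(r"[A-Za-z0-9+/=]{256,}", script)  # long base64-like runs
    return {
        "visible_chars": len(" ".join("".join(p.text).split())),
        "high_entropy_blob": any(entropy(b) > 5.0 for b in blobs),
        "decrypt_call": bool(re.search(r"AES\.decrypt|crypto\.subtle\.decrypt", script)),
        "dom_write": bool(re.search(r"document\.write|innerHTML", script)),
    }

def is_suspicious(html):
    """True only when all structural signals of an encrypted page are present."""
    r = analyze(html)
    return (r["visible_chars"] < 50 and r["high_entropy_blob"]
            and r["decrypt_call"] and r["dom_write"])
```

A hit means the page hides its content from static inspection, not that it is phishing, so flagged pages still need to be rendered in a sandbox and classified on the decrypted DOM.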

It’s not the first phishing attack against Netflix. A few attacks took place last December and August[5]. At that time, subscribers were asked to reveal their banking details, credit card information and other private details. Bear in mind that Netflix and other online services would never ask you to reveal information such as your Social Security number or your account password. Why would they need them? Indeed, there’s no logical explanation. So, if you receive a suspicious email and click on the provided link to confirm your account information, be critical. Do not rush to fill in the information. Instead, type the website address straight into the URL bar and log in from there. Then you can be sure that you are not the target of a phishing scam.

Even though the Netflix scam was stopped, users should stay watchful and careful. We recommend reading Netflix’s security page[6] attentively and following its recommendations to secure your account. Also, you should change your passwords on other websites, social networks, and other online services.

About the author
Alice Woods

Alice Woods is the News Editor at 2-spyware. She has been sharing her knowledge and research data with 2spyware readers since 2014.
