A new global phishing scam has been identified in which hackers target customers of Netflix, the world’s largest streaming organisation.
The U.S. Federal Trade Commission, an independent agency of the United States government, issued a warning about the Netflix scam late in December 2018. The phishing scam attempts to fool Netflix subscribers into handing over account information and payment information by telling them that there has been an issue with their payment method and it must be updated, otherwise their account will be closed.
Phishing attacks are attempts by cybercriminals to obtain sensitive information, such as passwords or credit card details, from a victim by impersonating a reputable organisation over electronic communication channels. Usually delivered by email, the messages look surprisingly legitimate and often direct the victim to a website that is a convincing copy of the genuine site. The only noticeable difference between the two pages may be the URL, which an inattentive victim may not spot. When the user enters their credentials into the fake website, the cybercriminal harvests them and uses them for nefarious purposes, often for financial gain. The effects of this type of identity fraud are often devastating for the victim.
This campaign follows the typical phishing formula: the user is presented with an “Update Account Now” button to click in order to enter their correct payment information. On clicking this link, the user is taken to a website built by the scammer to harvest their Netflix login information and payment details.
The email is a good copy of a legitimate Netflix email; it has the Netflix logo and the correct colour scheme. However, there are some telling signs that it is a spoof: it addresses the recipient as “Hi Dear” and uses the British spelling “centre”, although Netflix is an American organisation. Another sign is that the phone number in the email is a U.S. number, which would be highly suspicious for a recipient based in another country, as Netflix would have offices in other countries. Furthermore, the hyperlink clearly does not point to the official Netflix website.
Despite these giveaways, only the most suspicious Netflix users would be wary of the email or notice the fake hyperlink. It is likely that, because of the branding and the plausibility of the request, most would respond to this “urgent” message by following the link and inadvertently handing the hacker their sensitive information.
This phishing campaign was identified by the Ohio Police Department, which shared a copy of the phishing email on Twitter and Facebook.
With over 137 million users worldwide, even if the scam reached only a small proportion of them, and only a small proportion of those responded, the hacker may have gained access to thousands of accounts.
To avoid phishing scams such as this, it is essential to check every email message carefully before clicking any links or downloading any attachments. Phishing emails typically contain requests for “urgent action”. Instead of responding from within the email, it is advised to visit the company’s official site by typing its address directly into the browser rather than clicking a link in the email, and to take any action from there. If you suspect an email is fake, delete it and inform the organisation and local law enforcement of the scam.
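The warning signs listed above (a generic “Hi Dear” greeting, “urgent action” wording, and a hyperlink whose target is not the brand’s own site) can be turned into a simple mail-filter heuristic. The following is an added example written for this article; it is not code from Netflix, the FTC, or the police department, the sample message is constructed to resemble the one described rather than being the real email, and the list of domains treated as legitimate is an assumption for illustration.

```python
"""Heuristic phishing-indicator check over an HTML email body.

Added example (not from the original article). It parses the anchors of a
message, compares each link's real host against the brand's assumed domains,
and looks for the generic greeting and urgency wording described in the text.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the domains the brand legitimately links to. Any other host is suspect.
LEGITIMATE_DOMAINS = {"netflix.com"}

# Wording indicators drawn from the article's description of the scam email.
GENERIC_GREETINGS = ("hi dear", "dear customer", "dear user")
URGENCY_PHRASES = ("update account now", "account will be closed", "urgent action")


class _LinkCollector(HTMLParser):
    """Collects (href, visible link text) pairs plus all visible text."""

    def __init__(self):
        super().__init__()
        self.links = []      # list of (href, text) for every <a> tag
        self.text = []       # every text node in the document
        self._href = None    # href of the <a> currently open, if any
        self._link_text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._link_text = []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._link_text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._link_text).strip()))
            self._href = None


def _belongs_to(host, domains):
    """True if host is one of the domains or a subdomain of one (not a look-alike)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def phishing_indicators(html_body):
    """Return a list of human-readable indicators found in the message (empty = none)."""
    parser = _LinkCollector()
    parser.feed(html_body)
    body = " ".join(parser.text).lower()
    findings = []

    for greeting in GENERIC_GREETINGS:
        if greeting in body:
            findings.append(f"generic greeting: {greeting!r}")
    for phrase in URGENCY_PHRASES:
        if phrase in body:
            findings.append(f"urgency language: {phrase!r}")

    for href, text in parser.links:
        host = urlparse(href).hostname or ""   # empty host (relative/mailto) is flagged too
        if not _belongs_to(host, LEGITIMATE_DOMAINS):
            findings.append(f"link to non-brand host: {host!r} (link text {text!r})")
        # Link text that displays a brand URL while the real target is elsewhere.
        shown = re.search(r"[\w.-]+\.[a-z]{2,}", text.lower())
        if shown and _belongs_to(shown.group(0), LEGITIMATE_DOMAINS) \
                and not _belongs_to(host, LEGITIMATE_DOMAINS):
            findings.append(f"link text {shown.group(0)!r} does not match target {host!r}")
    return findings


# Constructed sample modelled on the message described in the article (not the real email).
SAMPLE_EMAIL = """<html><body>
<p>Hi Dear,</p>
<p>We were unable to validate your billing information. Your account will be closed
unless you update it. <a href="http://account-verify.example.net/netflix">Update Account Now</a></p>
<p>Visit <a href="http://203.0.113.10/help">help.netflix.com</a> for more information.</p>
</body></html>"""

if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE_EMAIL):
        print(finding)
```

The host comparison is the important part: it checks the real `href` rather than the text the recipient sees, and treats only exact matches or subdomains of the assumed brand domains as legitimate, so a look-alike such as `netflix.com.example.net` is still flagged. The wording checks are deliberately crude and would be tuned against real mail traffic before being relied on.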