Security News Netflix Phishing Campaign Takes Advantage of Fare Hike

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
According to researchers at AppRiver, phishing emails attempt to impersonate a Netflix account-verification email. The message alerts the target to a possible “issue” with his or her account, and then asks the person to click on the provided link. It’s unclear, they added, if the exploited site attempts to steal only a customer’s Netflix login credentials or if there a financial goal in mind, such as credit-card numbers.

A phishing campaign targeting Netflix customers is making the rounds, stealing login credentials. Since Netflix recently announced a service fee hike, spammers saw an opportunity to exploit the situation.“The cyber-criminals use a common technique that spoofs the actual company’s domain name within an exploited website URL,” AppRiver researchers explained. “The exploited website is visually a carbon copy of the Netflix web login screen. Analyzing the HTML code of the site, we were able to find discrepancies that only confirmed our suspicions.”

While the screen capture of the message shows that the attackers are savvy in using the Netflix logo and brand style, a closer look at the verbiage should alert recipients to the message’s bogus nature—grammar and syntax mistakes are a dead giveaway:

“We hold on record for your account, we need to ask you to complete a short validation process in order to verify your details. Once that information has been updated, you can continue enjoying Netflix. Click the button below to get started. A=80 Your friends at Netflix.

But, the average user not paying close attention can easily overlook the strangeness of the message itself, and could believe the link is to a legit Netflix URL. So one of the best ways for users to prevent becoming victim to this type of campaign is avoid clicking any links in the email. Instead, they should opt to visit the company’s website address directly. If there is indeed an account issue, the user should be alerted on the website.

Full Article. Netflix Phishing Campaign Takes Advantage of Fare Hike
 

Zerion

Level 4
Verified
Well-known
Mar 2, 2016
151
Thanks for the warning, this is pretty common, alot of ppl just press the button even tho they did press " Forgot password " etc, i have been getting alot of battle.net ( World Of Warcraft ) mails for like 4-5 years, even tho i stop played long time ago!
 
W

Wave

They target their audience wrong because sending their phishing content to us is a waste of their time, all what happens is their pages get blocked by security vendors and help others to stay away.. If they did it right then awareness wouldn't be spread.. :D Which is good for us. They can keep making mistakes and emailing the wrong people so their sites get reported and blocked!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top