×
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT

Phishing alert: Hackers prey on Netflix users to steal credit card details

Last Updated 29 July 2020, 19:15 IST

Thanks to the Covid-19 outbreak, all socialising spaces such as theme parks, theaters, and multiplexes are closed to curb the spread of the infections. With no option to go out of the house, people have switched to Amazon Prime Video, Netflix, SonyLiv and other Over-The-Top (OTT) services to get distracted from the depressing news on the global pandemic and also get their mind relaxed after a hectic online working schedule.

Apparently, this has attracted hackers to prey on naive users to steal financial details through multimedia streaming apps.

The cyber security team of Armorblox has uncovered a clandestine operation of a group of bad actors phishing on Netflix subscribers and siphon off their money.

Modus operandi of Netflix phishing scam
Hackers have developed a legitimate-looking website of Netflix and randomly send an email to victims. The subject line of mail says-- 'Notice of verification failure' from 'netflix@csupport.co' and offers an URL link to verify their Netflix subscription account.

It comes off as a genuine automated alert and warns the subscription will be suspended in 24 hours. This message invokes a sense of urgency and the users unknowingly tap on it.

Fake Netflix email. Credit: Armorblox
Fake Netflix email. Credit: Armorblox

Once clicked, it takes the user to the legitimate domain of a company's captcha authentication screen, which is used in almost all companies' domain page to test whether the person logging in is a human or a robot. This further builds the confidence of the victim to trust the website and type the alphanumerical code displayed on the screen.

Once done, it will take the user to a fake Netflix webpage. It has near-identical graphics of the original Netflix home screen and asks for the consumer to type in their user ID and password. And Then, it further urges the subscriber to type in their billing information and divulge credit/debit card to complete the re-registration of Netflix subscription.

However, upon closer observation, the URL of the website (seen below) will give away the fact that it is a counterfeit page. But, naive users are distracted the genuine graphic design of Netflix and disclose their debit/credit card details.

Fake Netflix webpage. Credit: Armorblox
Fake Netflix webpage. Credit: Armorblox

"Armorblox language models have been trained on tons of data and further customized to suit every customer environment. These models analyzed the email body and detected that there was an unusual request made in the email (which is a common trait in business email compromise attacks). Armorblox language models also detected a sense of urgency used in the email, which is uncommon for support emails from streaming providers," Armorblox said.

Besides that, Armorblox got insights from low communication history, low domain frequency, and other detection signals and flagged Netflix phishing fraud.

Fake Netflix webpage. Credit: Armorblox
Fake Netflix webpage. Credit: Armorblox

It can be noted Netflix doesn't allow users to extend the service subscriptions on Apple devices, as the company claims the latter asks for a hefty commission via App Store and hence ask the users to renew the plan on their own website.

Now, with the emergence of the phishing scam, Netflix users and other OTT subscribers are advised to be wary of emails particularly related to registration and billing notice. Also, make sure the URLs of the website have a company's domain name such as Netflix.com before typing in the financial details.

Get the latest news on new launches, gadget reviews, apps, cyber security, and more on personal technology only on DH Tech.

ADVERTISEMENT
(Published 29 July 2020, 18:35 IST)

Follow us on

ADVERTISEMENT
ADVERTISEMENT