Netflix users may need to be extra cautious with a new phishing scam underway that is trying to trick people into believing they did not pay for their Netflix subscription in order to gain their Netflix credentia.s and credit card information.
The new scam first came to light after a blogpost by cybersecurity firm Bitdefender. The scare campaign could have begun back in September and spans across 23 countries including Germany, Spain, United States, France, Greece, Portugal, Australia and others.
How are Netflix users being targetted?
The phishing campaign starts by creating a sense of urgency among the user by sending them a time sensitive SMS stating that there was an issue in processing their last payment, followed by a official looking link to sign in and confirm their Netflix credentials in order to continuing using the streaming service.
One of messages shown by Bitdefender reads, “NETFLIX: There was an issue processing your payment. To keek (sic.) your services active, please sign in and confirm your details at https://account-details[.]com.”
One the user clicks on the link on the link in the SMS, they are greeted with a replica of official Netflix website where they will be asked to enter their login credentials. In the following page, users will shown that their Netflix account is suspended and asked to enter their personal information, followed by credit card details to continue using the website.
The Netflix credentials and credit card information on the user then most likely goes on Dark Web, where they will be sold either as bundles or as a single item.
Netflix reacts to scare campaign:
Netflix has also issued an official statement in the matter, stating that it does not ask users to enter their personal information via text message or email.
“We will never ask you to enter your personal information in a text or email. We will never request payment through a 3rd party vendor or website. If the text or email links to a URL that you don’t recognize, don’t tap or click it.” Netflix said in a statement.
Source link