A new Netflix phishing campaign was brought to my attention so I decided to share the news with all of you. It’s true that are more pressing matters to be worried about in the times we’re living through. Healthcare systems are under attack by malicious groups as well and company IT systems are having a hard time coping with mass remote work.
But still, smaller phishing campaigns such as this new one for Netflix should not go by unseen and unreported. Especially since many of you might create Netflix accounts for the first time right now.
Reports of Increased Phishing Activity Across All Mediums
We had intelligence that phishing and spear-phishing scams are experiencing a slow rise since the end of last year, but 2020 saw a sharp spike. Coronavirus fears are sadly seen as an opportunity to take advantage of by malicious groups worldwide. Therefore, there’s a huge surge in phishing campaigns across the board, some of them COVID-19 themed and some of them not.
Even when they are not explicitly using the Coronavirus fears as a phishing pretext, hackers definitely know what they are doing. A side effect of the pandemic is this widespread societal and cultural transformation that we are all living through. Swarths of people are working remotely and spend almost all of their time indoors.
This means two things. One is that people are creating more accounts for platforms they can use while at home. Hence hackers can use this pretext of a new account as a phishing technique, like in the new Netflix phishing campaign that we discovered. The second is that people are still getting accustomed to working from home, which again means more opportunities for phishing and other security risks.
How the New Netflix Phishing Campaign Looks Like
This email is obviously part of a greater scam, involving phone calls as well. The ideal victim of this new Netflix phishing campaign picks up the phone and calls the phony support line stated in the email.
If the user does not and simply clicks on the Help Center link listed in the email, they will be redirected to the legit Netflix Help Center. Unfortunately, during these times, the portal might display notifications such as these:
That might prompt users to try again, only succeeding in getting in touch with the malicious parties who set up the Netflix phishing campaign. It’s not the first time support phone numbers were actually used for scams.
Netflix Users Are Especially a Target in Times of Remote Work and Quarantine
Since the COVID-19 pandemic started and people started spending much more time indoors, the usage of internet streaming services spiked up. So much so that YouTube and Netflix both announced that they are reducing their video streaming quality across Europe.
But this is obviously not a deterrent to people who are stuck at home and dealing with all the worries that these times are bringing. More and more users are creating Netflix accounts since the pandemic started and the trend doesn’t show signs of slowing down. No wonder the service (and similar ones) are forced to reduce the video quality until they figure out how to cope.
Unfortunately, this also means more phishing. Even emails shot in the dark, as these most likely are, have a high chance of landing on a target. When many people are creating an account, a Netflix phishing campaign pretending to respond to account creation is much more believable.
How to Stay Safe from the New Netflix Phishing Campaign
Whatever email you are receiving from Netflix (or beyond), remember that no legit website will ask for your credentials. No matter how good their grammar is, an email is surely a phishing attempt if you are redirected to a page where you’re asked for your login details.
So, don’t fill in anything sensitive (email address, passwords, etc.) and just close the tab. Ignore the email.
Unfortunately, some malicious emails are more sophisticated than this Netflix phishing campaign. In some cases, you can get your device infected simply by clicking the wrong malicious link, even if you’re not entering any credentials. For that kind of threat, a DNS filter is what you need.
You can try our all-in-one solution for home users, Thor Premium Home for one month and see how it fits. It contains Antivirus, the DNS filter which blocks unknown threats (like malicious links) and an auto-updater for software.
SECURE YOUR ONLINE BROWSING!Get Thor Foresight
We’re living interesting times, as one of my favorite authors would have said. Stay safe and don’t click suspicious links!
The post SECURITY ALERT: New Netflix Phishing Campaign Detected appeared first on Heimdal Security Blog.