Posted on

Netflix Warns of Highly Sophisticated Phishing Scam

netflix

November 11,2017

the staff of the Ridgewood blog

Ridgewood NJ, If you get an email from Netflix telling you that your account is suspended due to a problem validating your credit card, don’t believe it.

It’s most likely a very sophisticated phishing scam that first made its appearance this year and has since gone out to tens of millions of people.

Wired reports that the cybercriminals behind the scam have continued to send it out with almost no alterations, a likely sign that it’s proving effective as a way to fool people into revealing their Netflix username and password, and even credit card numbers, home address, and date of birth, which they can sell this data on the dark web.

This phishing scheme is good enough to fool even the most sophisticated users. For instance, Netflix always advises users that “Netflix will never ask for any personal information to be sent to us over email.” That may be a great safety tip, but it won’t help you here because this scheme doesn’t do that. Instead, it asks users to click on an official-looking link to “Restart your membership.”

Click on the link and it will take you to what looks for all the world like a Netflix page there are even a still from the hit Netflix series The Crown in the background. The page prompts you to log in, or sign in with Facebook. If you do, of course, the hackers now have your Netflix (and maybe Facebook) credentials.

Once that’s done, the system takes you to a second screen with the Netflix logo, where you’re asked to “validate your payment information” by entering your credit card number and security code, and possibly your home address. Then the hackers will have those, too.

The hackers have created¬†sophisticated techniques to avoid being recognized by any security system. The fake Netflix pages won’t work for users whose IP addresses belong to known security companies, making it hard for security experts to test out and examine them. In some cases, the HTML for the pages is actually encrypted so that it can’t even be scanned .