New Netflix Phishing seeks to steal user credentials

ESET Latin America warns of a new campaign of fake emails that uses the image of Netflix to steal the credentials of access and bank data of the user account of the platform.

With more than 140 million users worldwide, the Netflix streaming platform continues to be a target for any cybercriminal looking to make personal information quickly. ESET, company leader in proactive detection of threats, alert about a new hoax related to fake emails that are passed off as Netflix to steal the credentials of access and data from the accounts of unsuspecting users.

ESET’s lab recently identified a new mail allegedly from the platform, indicating that some suspicious activity had occurred and that the login information needed to be verified.

Any unsuspecting user might assume that this is a real shipment by the series and movie service provider, and click on the UPDATE link to avoid losing access to your service. Through this direct link, there is no identified first-hand that the web that is directed does not correspond to any official address of service Netflix, does not even appear in any part of the composition of the link.

Then, you enter a domain that refers to an alleged Netflix team, where it is noted that the server is a free hosting service from United Arab Emirates. The screen with which the user is found is the following:

The screen copies the original site perfectly and has as a particular that before the entry of any user and password, there is no type of credential verification but it takes the attempt to steal data one step further, requesting the entry of the credit card data associated with the account.

Again It does not verify the entered data, only it is validated that it meets the requirement of length in some fields. After giving the requested information, the site finally rediccionará the user to the original Netflix portal, having achieved the task of stealing access credentials and payment data from the account.

“In a slightly more thorough analysis could not be verified to perform second actions such as downloading some malware, or the execution of some additional code that would affect the resources of the machine, so you can interpret that this is a campaign that BU SCA only stealing personal information presumably to sell on the black market (Selling the data on an active credit card is around 45 U $ D on the Dark Web), or for use in other targeted attacks. “, commented Camilo Gutierrez, Head of the Laboratory of ESET Latin America.

To avoid falling into this kind of deceit, from the Research Laboratory of ESET Latin America is advised:

  • Avoid accessing links that arrive unexpectedly by email, or other means.
    • Check the sender of the same and that it coincides with the service to which it refers.
  • Have security protections on the device that can make a barrier to these cases, such as ESET Mobile Security If you are using mobile devices or ESET Internet Security for desktop devices.
  • In the case of suspecting the veracity of the message, it is recommended to access it in a traditional way and check there if everything is correct, or eventually make a change of credentials.

ESET presented #quenotepase, with useful information and tips to prevent everyday situations affecting online privacy. For more information we recommend reading the Guide to avoid cheating on the internet.