Hackers are reportedly utilizing a phishing marketing campaign that tells customers that their Netflix account has been suspended, with a view to immediate them to go to a maliciously crafted web site that’s used to steal their Netflix password and banking data. In accordance with particulars shared by a safety agency, criminals are utilizing a way of urgency to immediate folks to supply their fee data on phishing web sites. Netflix doesn’t at present provide help for two-factor (2FA) authentication, which provides a second layer of safety along with the person’s password.
Stolen Netflix Consumer Information May Finish Up on the Darkish Net
Bitdefender not too long ago identified a brand new phishing rip-off that’s designed to persuade customers that their Netflix account will probably be suspended, resulting from a failed fee. In accordance with the safety agency, hackers are utilizing the rip-off to steal a person’s Netflix username and password, whereas additionally gathering their banking data.
Hackers information customers via the method of sharing their logins and banking data
Photograph Credit score: Bitdefender
With the intention to goal customers with the Netflix suspended account rip-off, hackers ship customers an SMS that tells customers that there was a difficulty processing their fee, instructing them to check in and “affirm” their particulars by tapping on a hyperlink. Customers who achieve this are taken to the phishing web site.
With the intention to persuade customers that the phishing web site is respectable, the hackers immediate them to unravel a simple arithmetic drawback with a view to show they don’t seem to be a robotic. Nonetheless, a look on the URL of the phishing web site would reveal that it’s not hosted on Netflix’s area (netflix.com).
Customers are then prompted to enter their e-mail deal with and password on the phishing web site, which seems to be equivalent to the official Netflix login web page. The hackers acquire entry to the person’s credentials — granting them entry to their account, because the service doesn’t provide any type of two-factor authentication.
Netflix person knowledge is being bought for as little as $2.99 on the darkish net
Photograph Credit score: Bitdefender
The hackers then present customers a web page that claims their account is briefly suspended as their main fee can’t be billed. They’re then requested to enter a credit score or debit card quantity and expiry date, alongside the CVV quantity. The hackers additionally provide customers an choice to buy present playing cards, that are solely obtainable in some international locations.
As soon as these particulars have been stolen, hackers promote the Netflix credentials and the bank card data on the darkish net. The safety agency additionally shared screenshots of a few of these credentials obtainable for buy for as little as $2.99 (roughly Rs. 250), which will be bought by consumers utilizing cryptocurrencies.
With the intention to preserve their data secure from hackers, customers ought to solely belief emails despatched from the Netflix.com area — these are delivered through e-mail, not SMS — and it’s straightforward to examine the sender’s data. If customers obtain a message, they will go to the Netflix web site by typing the netflix.com URL within the deal with bar and checking their account after logging in.
Catch the newest from the Client Electronics Present on Devices 360, at our CES 2025 hub.
About The Author
