Date: 2020-07-29

A brand new Netflix phishing scam has been making the rounds that attempts to steal your login and credit card information by tricking you into updating your account.

Always make sure you triple-check the sender before you click a link inside any email you receive.

Netflix phishing scam

The internet is a dangerous place.

By now, many of us are informed enough to avoid the most obvious scams and ploys online.

But much like a mutating virus, this compels the bad actors to adapt.

As a result, scams become much harder to detect, which is why it’s so important to be diligent when visiting sites or opening emails which look suspicious.

Netflix customers began receiving emails in their inboxes

Armorblox first saw the phishing attack a few weeks ago, when Netflix customers began receiving emails in their inboxes that claimed to be from Netflix Support.

The email informed the customers that there was a problem verifying their details and that it was resulting in billing difficulties.

They were told their accounts could be cancelled in 24 hours if they did not update their personal information to solve the problem.

“When targets clicked the link, they were led to a fully-fledged Netflix lookalike site with a phishing flow that asked them to enter their Netflix login credentials, billing address, and credit card details,” Armorblox co-founder Chetan Anand explained in the blog post.

“Once the phishing flow was complete, targets were redirected to the actual Netflix home page, none the wiser about being compromised.”

The first trick that the hackers used was redirecting customers to “a completely functioning CAPTCHA page using subtle Netflix branding” if they clicked on the link in the email.

This made the whole process seem more legitimate, and may have been sufficient to convince some Netflix customers.

Moreover, the CAPTCHA page and the Netflix clone website were hosted on legitimate domains, one of which belongs to Wyoming Health Fairs and the other of which is hosted on the website of an oil and gas company in Texas.

“By hosting phishing pages on valid parent domains, attackers can bypass security controls based on URL/link protection and also get past filters that block known bad domains,” Anand says.
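The point in the quote above, as an added example (not code from Armorblox or from the original article): a blocklist lookup passes the lure because its link host is an otherwise legitimate site, while checks for a brand/sender mismatch, off-brand links and urgency wording still flag it. The sample message, the `.example` hosts, `BRAND_DOMAINS` and `KNOWN_BAD` are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains the impersonated brand really sends from and links to.
BRAND_DOMAINS = {"netflix": {"netflix.com"}}
# Constructed blocklist: the lure sits on a legitimate site, so it is not listed.
KNOWN_BAD = {"evil-phish.example"}
URGENCY = re.compile(r"\b(within|in)\s+\d+\s+hours\b|cancel|suspend", re.I)

# Constructed sample message; every address and host is a placeholder.
SAMPLE = """\
From: Netflix Support <support@mailer.example>
To: user@example.org
Subject: Billing problem - update your details
Content-Type: text/html

<p>We had trouble verifying your details. Your account will be cancelled
in 24 hours unless you <a href="https://health-fair.example/nf/captcha">update
your information</a>.</p>
"""

def host_in(host, domains):
    """True if host equals, or is a subdomain of, any domain in the set."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def analyze(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body = msg.get_payload()
    hosts = [urlparse(u).hostname for u in re.findall(r'href="([^"]+)"', body)]
    findings = {"blocklist_hit": any(host_in(h, KNOWN_BAD) for h in hosts),
                "sender_mismatch": False, "offbrand_links": [],
                "urgency": bool(URGENCY.search(body))}
    for brand, domains in BRAND_DOMAINS.items():
        # Only apply brand checks when the message claims to be from the brand.
        if brand not in (display + " " + msg.get("Subject", "")).lower():
            continue
        findings["sender_mismatch"] = not host_in(addr.rpartition("@")[2], domains)
        findings["offbrand_links"] = [h for h in hosts if not host_in(h, domains)]
    return findings

if __name__ == "__main__":
    print(analyze(SAMPLE))
```
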

Finally, the Netflix clone website itself, which you can see below, does look like the actual Netflix login page.

It has a couple of extraneous flourishes, like a “Need help?” link along with the option to log in with Facebook (though these additional links reload the exact same page; they are not functional if you click on them):