Urgent warning to Netflix users about new scams involving theft of accounts and credit card information
Cybersecurity experts have discovered an SMS phishing campaign targeting Netflix users in an attempt to steal accounts and credit card information.
Hackers send fraudulent text messages claiming that the victim has not paid for their subscription and that the account will soon be suspended.
A link is also included that takes users to a place designed to resemble the Netflix platform and asks them to provide their login and credit card information.
Experts are urging Netflix members to be vigilant when receiving communications from the streaming giant as hidden signs point to criminal activity.
The language in the messages is a dead giveaway: they contain grammatical errors and links with terms not associated with “Netflix.”
Cybersecurity firm Bitdefender, which exposed the scam, has identified the fake messages, including several with misspelled words and strange links.
“NETFLIX: There was a problem processing your payment. To check if your services are active, log in and confirm your details at: https://account-details(.)com,” a message reads with misspelled words.
Bitdefender has urged users never to open messages from unknown senders and, if they do, not to click on the links contained in the text.
“We will never ask you to enter your personal information in a text message or email,” Netflix said in a statement about the fishy text messages.
“We will never request payment through a third party supplier or website. If the text or email links to a URL you don’t recognize, don’t tap or click on it.”
Bitdefender discovered that the scam has been circulating in 23 countries, including the US, since September.
Other countries targeted include Germany, Spain, France, Greece and Australia.
“A major security problem is that Netflix does not have 2FA (two-factor authentication) and relies only on usernames and passwords,” Bitdefender said.
“This means Netflix customers are highly vulnerable to account takeover attacks via credential stuffing.”
Many Netflix users who received the fake messages have shared how others can avoid being scammed.
Miguel A. Calles, a security analyst, posted a message he received: “Notice that ‘http://netflix.com’ is at the beginning of the domain. So it must be prima facie valid, right?”
“Did you notice that the address starts with ‘http://’ instead of ‘https://’ that Netflix and other major companies enforce?”
He further explained that criminals will also add ‘911’ in the URL to increase the urgency among victims.
“Having this number in the address plays with our subconscious that we need to respond immediately,” Calles added, urging users never to click on links from unknown text message senders.
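The warning signs described above (a domain that is not Netflix's, the brand name placed at the front of another domain, 'http://' instead of 'https://', and '911' in the address) can be checked mechanically. The Python below is an added example, not code from Bitdefender, Calles or Netflix; it assumes netflix.com and its subdomains are the only genuine hosts, and the function names and the '.example' sample link are constructed.

```python
from urllib.parse import urlsplit

# Assumption for this example: only netflix.com and its subdomains are genuine.
BRAND = "netflix"
OFFICIAL_DOMAIN = "netflix.com"
URGENCY_TOKENS = ("911",)  # the article mentions '911' being added to URLs


def refang(url: str) -> str:
    """Undo common defanging such as 'account-details(.)com' or 'hxxp://'."""
    url = url.strip().replace("(.)", ".").replace("[.]", ".")
    if url.lower().startswith("hxxp"):
        url = "http" + url[4:]
    return url


def check_sms_link(url: str) -> list[str]:
    """Return the warning signs found in a link taken from a text message."""
    url = refang(url)
    if "://" not in url:
        url = "//" + url  # lets urlsplit find the host when no scheme is given
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    findings = []

    # The real domain is the END of the host name, so compare the suffix.
    official = host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)
    if not official:
        findings.append("not-official-domain")
        # 'netflix.com' at the front of a longer host only looks genuine.
        if BRAND in host:
            findings.append("brand-in-lookalike-host")
    if parts.scheme == "http":
        findings.append("no-https")
    if any(token in host + parts.path for token in URGENCY_TOKENS):
        findings.append("urgency-token")
    return findings


if __name__ == "__main__":
    samples = [
        "https://account-details(.)com",                 # link quoted in the article
        "http://netflix.com.billing-911.example/login",  # constructed sample
        "https://www.netflix.com/login",                 # genuine host
    ]
    for link in samples:
        print(link, "->", check_sms_link(link) or "no warning signs")
```

An empty result only means none of these four signs is present; it does not prove a link is safe.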
But if users accidentally click on the link, Bitdefender explains the lengths criminals will go to in order to steal your data and money.
“Funnily enough, they first want to see if you’re a robot. This is likely done to give potential victims a false sense of security and to reinforce the impression that they are visiting an official website,” the company said.
“The next step is to collect login details from Netflix customers. Once the user enters these credentials, the attackers have them in their hands.”
Once the login details are provided, a ‘Your account has been temporarily suspended’ warning will appear on the screen with another option to make a payment.
“There’s even the option to pay with a Gift Card instead of a credit card, which is just as good,” Bitdefender said.
“Netflix does offer the option to purchase gift cards, but it’s worth noting that these are not available in every region.”
If users fall for the scam, the company explained that their “Netflix credentials and payment information will likely end up on the dark web, where they will be sold in bundles or as individual items.”