With Netflix being an on-demand part of our lives, it is understandable that we want our accounts available and ready to go whenever the need for streaming arises. That is why a new series of credible-looking attacks targeting Netflix users seems quite likely to succeed in stealing credit card information.
This disturbing news comes from security firm Armorblox, which recently discovered a Netflix phishing attack aimed at taking your billing information.
The attack began with an email purporting to be from Netflix support, claiming that "there was a problem with the process of verifying your monthly billing address and payment details" and that "if you do not update your information promptly, your subscription could be suspended within 24 hours."
With such a deadline thrown around, recipients may feel a bit panicked and want to resolve the problem quickly. That makes them more likely to click on the text that says "Click Here To Update your information." Unfortunately, this only sends them to a fake Netflix website, where their data is harvested.
First of all, be suspicious of links that arrive unsolicited; they are often untrustworthy, like cold calls posing as Windows technical support.
If I receive a text message or email alert claiming to be customer service for a bank, streaming service, etc., and it asks me to click a link to log in, I immediately skip over the email or text.
Instead, I open the actual page for the service in question and access my account. If there is any problem that needs to be fixed, I am prompted to fix it there.
Then, when you see those messages, look closely at the URL you are prompted to click on, preferably by hovering over the link on your desktop. Long-pressing to preview on iOS or iPadOS will start loading the page on your device, which could lead to other headaches.
In this example, the address of the rogue Netflix CAPTCHA page is "https[:]//wyominghealthfairs[.]com/cpresources/d3835d8b/1/", which is clearly unrelated to the streaming giant. (The Wyoming Health Fairs website was probably unaware that it had been hacked.)
Then, after you enter the CAPTCHA, you are sent to an axxisgeo[.]com address, where you see a page that looks like the official Netflix website. Again, it is not Netflix. Do not trust it.
Armorblox notes that both of the fraudulent web pages are hosted on legitimate web domains whose security certificates are all properly maintained.
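The URL check described above can also be applied automatically to an email body. The following is an added example, not code from Armorblox or from the original article; the allowlist, the function names and the sample email are assumptions constructed for illustration. It flags every link whose host is not the claimed sender's domain or a subdomain of it, which catches both an unrelated host and a lookalike that merely starts with the brand's domain.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the claimed sender legitimately links to.
BRAND_DOMAINS = {"netflix": {"netflix.com"}}

# Constructed sample email body; the first URL is the defanged one quoted above.
SAMPLE_EMAIL = """
<p>There was a problem verifying your billing address and payment details.</p>
<a href="https[:]//wyominghealthfairs[.]com/cpresources/d3835d8b/1/">Click Here To Update your information</a>
<a href="https://netflix.com.example.net/login">Sign in</a>
<a href="https://help.netflix.com/">Help Center</a>
"""

def refang(url):
    """Undo analyst defanging in memory so the URL can be parsed."""
    return url.replace("[:]", ":").replace("[.]", ".")

def host_belongs_to(host, allowed):
    """True only for an allowed domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(claimed_brand, html_body):
    """Return (link text, host) for links that leave the claimed brand's domains."""
    parser = LinkCollector()
    parser.feed(html_body)
    hosts = [(text, urlsplit(refang(href)).hostname or "") for href, text in parser.links]
    return [(t, h) for t, h in hosts if not host_belongs_to(h, BRAND_DOMAINS[claimed_brand])]
```

Because both phishing pages sat on legitimate domains with valid certificates, a check like this compares the host against the claimed sender rather than relying on the presence of HTTPS.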
A CAPTCHA test that proves you are human is another effective barrier against the detection of these phishing pages. This is because both browsers and antivirus software often rely on automated algorithms to quickly process suspicious sites, and an automated scan does not get past the CAPTCHA to the fake page behind it.
And right after entering your Netflix billing information? The scam site redirects you to the actual Netflix home page, so everything seems to be working.
This type of scam targets people who are less informed about these tricks. Share this lesson with your friends and elderly relatives so they don't fall into the trap.
The sites of AxxisGeo (a Norwegian offshore drilling company) and Wyoming Health Fairs have both had these phishing pages removed. But let's remain vigilant, as the crooks behind them can easily set up shop elsewhere.