Recommended

Netflix Scam News 2017: Phishing Attack Targets Streaming Service Subscribers

Subscribers of the streaming service giant Netflix were the most recent targets of a massive phishing attack.

According to a recently published study by Google, phishing was the most used attack by online scammers to trick people into giving away private information such as passwords, credit card numbers, and other types of identification.

For phishing to work, attackers normally spread fake emails that were made to look like they legitimately came from a real company, in this case, Netflix. Target clients would then be asked to open a link which would lead them to a fake website remotely controlled by the attackers who would gain access to the information a person entered on that page.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

The recent internet fraud was first spotted earlier this month by the Australian cybersecurity firm MailGuard. In their report, MailGuard described the phishing attack to be "relatively well-designed" because the attackers has devised a template system to send out what seemed like very "individualised messages with specific recipient data."

"This works like a mail-merge; the body of the email is generic, but the sender field is designed to show the name of the intended victim, which personalises the scam making it more convincing," MailGuard added.

On the other hand, even though the attackers used a certain template system, their operations were far from perfect. Security analysts from MailGuard spotted an example where the mail-merge trick did not work well, and instead of showing a personalized message, it read: "Dear #name#."

However, for messages where the mail-merge was successful, the scammers' phishing email was very convincing, as shown on screen-captured images from MailGuard.

To trick the Netflix subscribers into entering private information on a website controlled by the attackers, the latter alerted potential victims of an unsuccessful billing that they could remedy if they updated their information through a provided link.

Once the said link was opened, targets were redirected to yet another great copycat of the real Netflix desktop page. However, a quick look at the URL bar will give users a red flag as it read www.vegankiss.net instead of www.netflix.com.

"The fake Netflix site this scam is using is built on a compromised Wordpress blog. Scammers can break into Wordpress sites by making use of vulnerabilities in blog plugins and once in, they can make the website look enough like a real Netflix login page to trick their victims," MailGuard further explained.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.