{"id":19109,"date":"2021-11-17T14:59:33","date_gmt":"2021-11-17T10:59:33","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/netflix-phishing\/19109\/"},"modified":"2021-11-17T15:00:49","modified_gmt":"2021-11-17T11:00:49","slug":"netflix-phishing","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/netflix-phishing\/19109\/","title":{"rendered":"Phishing in Netflix and beyond"},"content":{"rendered":"<p>Movies and TV shows have been a huge source of comfort for many in these COVID times, and the number of new shows on Netflix, Amazon Prime, and the like has skyrocketed. But when searching for the latest megahit, don\u2019t neglect basic security measures or you might find that someone else is enjoying it at your expense \u2014 or worse, that the money in your bank account has evaporated.<\/p>\n<p>It\u2019s more fun to ponder what to watch next than to dig through security settings, but attackers are ready and waiting to siphon off your personal and payment information.<\/p>\n<h2>Phishing bait<\/h2>\n<p>Streaming services offer a variety of payment plans, but generally they all involve paying with a credit card. And where there are card details, there is phishing. What\u2019s more, newbies and seasoned account holders may experience different forms of bait. We collected some examples from users who agreed to share threat information.<\/p>\n<h3>\u201cSubscribe now!\u201d<\/h3>\n<p>To sign up for a streaming service, you need a valid e-mail address; and to pay, you need some form of online payment such as a credit card or PayPal account. (If you plan to watch Apple TV, you\u2019ll also need an Apple ID.)<\/p>\n<p>Unsurprisingly, cybercriminals have created fake sign-up pages to net all of those goodies in one go. 
Armed with your info, they can withdraw or spend your money right away; your e-mail address should come in handy for future attacks.<\/p>\n<p>In the example below, the fake site is not very convincing. Can you spot the <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-protect-yourself-from-phishing\/42317\/\" target=\"_blank\" rel=\"noopener nofollow\">phishing signs<\/a>?<\/p>\n<div id=\"attachment_42929\" style=\"width: 1770px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17145946\/netflix-phishing-screen-1-EN.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-42929\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17145946\/netflix-phishing-screen-1-EN.png\" alt=\"Fake Netflix sign-up page\" width=\"1760\" height=\"940\" class=\"size-full wp-image-19110\"><\/a><p id=\"caption-attachment-42929\" class=\"wp-caption-text\">Fake Netflix sign-up page<\/p><\/div>\n<h3>\u201cRefresh data\u201d<\/h3>\n<p>If you already have a paid subscription, then attackers will threaten to block it, assuming, logically, that you value it. Here\u2019s an e-mail from \u201cfriends at Netflix,\u201d telling the recipient to update or confirm payment details or they\u2019ll close the account. And it includes a big, red button. 
Don\u2019t rush to click that \u2014 remember what happens in the movies when they push the big, red button?<\/p>\n<div id=\"attachment_42930\" style=\"width: 810px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150002\/netflix-phishing-screen-2.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-42930\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150002\/netflix-phishing-screen-2.jpg\" alt=\"\u201cDear costumer, please update your account\u201d\" width=\"800\" height=\"800\" class=\"size-full wp-image-19112\"><\/a><p id=\"caption-attachment-42930\" class=\"wp-caption-text\">\u201cDear costumer, please update your account\u201d<\/p><\/div>\n<p>The link takes you to a payment confirmation page.<\/p>\n<p>Now, many phishing messages contain such obvious mistakes as addressing \u201ccostumers,\u201d but take the form below as an example that actually looks plausible. 
It has no spelling mistakes or weird design elements, but the inattentive user who falls for it could lose money from their bank account.<\/p>\n<div id=\"attachment_42931\" style=\"width: 1246px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150010\/netflix-phishing-screen-3.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-42931\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150010\/netflix-phishing-screen-3.png\" alt=\"Fake Netflix website prompts to enter personal and banking data, allegedly for account reactivation\" width=\"1236\" height=\"963\" class=\"size-full wp-image-19114\"><\/a><p id=\"caption-attachment-42931\" class=\"wp-caption-text\">Fake Netflix website prompts to enter personal and banking data, allegedly for account reactivation<\/p><\/div>\n<h3>A dangerous premiere<\/h3>\n<p>In the example below, cybercriminals used popular shows to attract fans who didn\u2019t have subscriptions, offering them the opportunity to watch the shows on the fake website.<\/p>\n<div id=\"attachment_42932\" style=\"width: 1079px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150024\/netflix-phishing-screen-4.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-42932\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150024\/netflix-phishing-screen-4.png\" alt=\"This unofficial page invites fans to watch or download The Mandalorian\" width=\"1069\" height=\"960\" class=\"size-full wp-image-19116\"><\/a><p id=\"caption-attachment-42932\" class=\"wp-caption-text\">This unofficial page invites fans to watch or download The Mandalorian<\/p><\/div>\n<p>As a teaser, they show a short clip, which they sometimes try to pass off as a new, previously unaired episode. 
More often than not, it is cut from trailers that have long been in the public domain. Intrigued victims are then asked to buy a low-cost subscription to continue watching. What follows is a classic scenario: Any payment details users enter go straight to the crooks, and the never-before-seen episode remains such.<\/p>\n<h2>No longer your account<\/h2>\n<p>Cybercriminals are interested in more than bank account details; account credentials for streaming services are also hot. Because hijacked accounts with paid subscriptions get <a href=\"https:\/\/securelist.com\/streaming-related-cyberthreats-report-2021\/104833\/\" target=\"_blank\" rel=\"nofollow noopener\">put up for sale on the dark web<\/a>, you could log in one day and discover someone else is already there.<\/p>\n<p>After all, depending on your Netflix plan, you can stream on 1\u20134 devices simultaneously, and cybercriminals can sell your login credentials to any number of streamers. That means you might find yourself having to wait in line until some stranger decides to sign out.<\/p>\n<div id=\"attachment_42933\" style=\"width: 1842px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150039\/netflix-phishing-screen-5.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-42933\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2021\/11\/17150039\/netflix-phishing-screen-5.png\" alt=\"This fake Netflix login page looks just like the real one\" width=\"1832\" height=\"872\" class=\"size-full wp-image-19118\"><\/a><p id=\"caption-attachment-42933\" class=\"wp-caption-text\">This fake Netflix login page looks just like the real one<\/p><\/div>\n<p>That may not be the end of it, either: Many people <a href=\"https:\/\/www.kaspersky.com\/blog\/never-reuse-passwords-story\/24808\/\" target=\"_blank\" rel=\"noopener nofollow\">use the same password for different accounts<\/a>, and 
databases of stolen passwords die hard. If their password is the same everywhere, the victim need only enter it on a phishing page once.<\/p>\n<h2>Buy a subscription for yourself, not cybercriminals<\/h2>\n<p>Cybercriminals scam movie and TV show lovers in different ways. Some of their ruses are quite easy to spot, others less so. By following simple digital security rules, you can protect your data not only in online movie theaters, but elsewhere as well.<\/p>\n<ul>\n<li>Do not click links in e-mails, even if a message seems to be from a real streaming (or other) service; always go to the official website by entering the address manually or through the app;<\/li>\n<li>Do not trust any person or site promising viewings of movies or shows before the official premiere;<\/li>\n<li>Pay attention to <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-protect-yourself-from-phishing\/42317\/\" target=\"_blank\" rel=\"noopener nofollow\">red flags<\/a> that warn of phishing e-mails or fake websites;<\/li>\n<li>Stay alert and read more about scams and phishing schemes to learn how to sense which e-mails and websites are trustworthy, and which you should avoid;<\/li>\n<li>Use different passwords for all accounts that you value, and use a <a href=\"https:\/\/me-en.kaspersky.com\/password-manager?icid=me-en_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kpm___\" target=\"_blank\" rel=\"noopener\">password manager<\/a> to remember them for you;<\/li>\n<li>Use a <a href=\"https:\/\/me-en.kaspersky.com\/plus?icid=me-en_bb2022-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kplus___\" target=\"_blank\" rel=\"noopener\">reliable security solution<\/a> that identifies malicious attachments and blocks phishing websites.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>We analyze some typical examples of phishing bait for movie 
streamers.<\/p>\n","protected":false},"author":2484,"featured_media":19120,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1486],"tags":[1474,187,76,695,2269],"class_list":{"0":"post-19109","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-accounts","9":"tag-passwords","10":"tag-phishing","11":"tag-scam","12":"tag-streaming"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/netflix-phishing\/19109\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/netflix-phishing\/23657\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/netflix-phishing\/9553\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/netflix-phishing\/25739\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/netflix-phishing\/23790\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/netflix-phishing\/23359\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/netflix-phishing\/26456\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/netflix-phishing\/31921\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/netflix-phishing\/10286\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/netflix-phishing\/42927\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/netflix-phishing\/18131\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/netflix-phishing\/18512\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/netflix-phishing\/15546\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/netflix-phishing\/27757\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/netflix-phishing\/31977\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/netflix-phishing\/24594\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\
/blog\/netflix-phishing\/29972\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/netflix-phishing\/29776\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/phishing\/","name":"phishing"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19109","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2484"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=19109"}],"version-history":[{"count":5,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19109\/revisions"}],"predecessor-version":[{"id":19119,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/19109\/revisions\/19119"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/19120"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=19109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=19109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=19109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}