cybernews.com
Open in
urlscan Pro
2606:4700:3108::ac42:283b
Public Scan
URL:
https://cybernews.com/security/bad-actors-star-in-netflix-phishing-scam/
Submission: On December 28 via api from US — Scanned from DE
Submission: On December 28 via api from US — Scanned from DE
Form analysis 2 forms found in the DOM
GET /search/
<form class="header__search-form" action="/search/" method="get" data-js-search-mobile="">
<input class="header__search-form-input" placeholder="Search..." type="search" data-js-search-input-mobile="">
<button type="submit" class="header__search-form-button" title="Search">
<svg class="svg-icon header__search-form-button-icon" width="22" height="22">
<use xlink:href="#mdi-magnify"></use>
</svg>
</button>
</form>POST /api/add-comment/
<form id="comment-form" class="space space_size_n text text_size_small" action="/api/add-comment/" method="POST">
<label for="comment-form-text">
<strong class="form-label form-label_required">Comment</strong>
<textarea id="comment-form-text" name="comment" required="" cols="45" rows="8" class="form-input space space_size_s" minlength="3"></textarea>
</label>
<div class="space space_size_n">
<div class="cells cells_responsive">
<label class="cells__item cells__item_width cells__item_width_2" for="comment-form-name">
<strong class="form-label form-label_required">Name</strong>
<input id="comment-form-name" type="text" name="name" required="" class="form-input space space_size_s" minlength="3">
</label>
<label class="cells__item cells__item_width cells__item_width_2" for="comment-form-email">
<strong class="form-label form-label_required">Email</strong>
<input id="comment-form-email" type="email" name="email" required="" class="form-input space space_size_s" minlength="3">
</label>
</div>
<label class="space space_size_n display_block" for="privacy_policy">
<strong class="form-label form-label_required">Privacy Policy Agreement</strong>
<span class="space space_size_s content display_block">
<input id="privacy_policy" name="privacy_policy" required="" type="checkbox"> I agree to the <a class="link" href="https://cybernews.com/terms-conditions/" target="_blank" rel="noreferrer">
Terms & Conditions
</a> and <a href="https://cybernews.com/privacy-policy/" target="_blank" rel="noreferrer">
Privacy Policy
</a>. </span>
</label>
</div>
<div class="space space_size_l">
<button class="button" type="submit"> Post comment </button>
</div>
</form>Text Content
* News * Cybersecurity news * Cyber war news * Editorial * Security * Privacy * Crypto * Tech * Resources * What is a VPN? * How to use a VPN? * What is malware? * Are password managers safe? * More resources * Tools * Strong password generator * Personal data leak checker * Password leak checker * Website security checker * VPN speed test * Reviews * Antivirus software * Best VPN services * Password managers * Best ad blockers * Secure email providers * Best website builders * Best web hosting services * Follow * * * * * * © 2022 CyberNews - Latest tech news, product reviews, and analyses. If you purchase via links on our site, we may receive affiliate commissions. 1. Home 2. Security BAD ACTORS STAR IN NETFLIX PHISHING SCAM Damien Black Senior Journalist Updated on: 21 September 2022 -------------------------------------------------------------------------------- Image by Shutterstock With 220 million paid subscribers, the popular streaming service was always going to be a juicy target for scammers – and that’s just what a threat group identified by one cyber-watchdog has been seeing it as. “What better place for a phish to hide than in a stream? A streaming service, that is,” said INKY, announcing its latest findings. Accessible in more than 190 countries and 30 languages, Netflix is fertile grounds for real-life villains looking to score with a social engineering campaign. “Over the past few years, Netflix customers have been warned about numerous phishing threats, most of which share a common theme – credential harvesting,” said INKY. “Scammers send phishing emails trying to convince Netflix users that their account is somehow in jeopardy, and rectifying the situation calls for them to update their credit card details and other personally identifiable Information (PII).” The latest instance uncovered by INKY in August entailed just such a plot, with an extra twist: in this case, PII data harvesting was augmented by the use of zipped files to compress malicious HTML attachments. “The malicious site is hosted on a victim’s local machine instead of the internet,” said INKY. “Standard URL reputation checks are avoided, and phishing content can’t be detected since it’s not on the internet. Using zip files is another advantage because it’s not in an executable format that can be seen.” STICK WITH ME KID, I’LL MAKE YOU POOR… This cunning approach reflects the continuing evolution of social engineering ploys, from the straight-to-video bargain basement cons of yesteryear to today’s A-list superstar scammers. “There was a time when brand fraud attempts were easier to catch because they contained many telltale signs of phishing,” said INKY. “Multiple typos, strange word choices, suspicious URLs, and odd-looking logos provided insight to the recipients of these malicious emails. But times have changed. Cybercrime gets more sophisticated every year, with no signs of stopping. Today, many telltale signs of a brand impersonation are so cleverly hidden that even the most discerning eye can’t recognize them.” In the thrilling latest installment of INKY’s Fresh Phish research project, the bad guys turned in another bravura performance, spoofing sender email addresses to make it look like the phishing messages came from Netflix. An international production, the scam roped in unwitting collaborators from all around the world, including an “abused mail server” from a university in Peru, an internet protocol address belonging to a private firm in Germany, and another hijacked machine affiliated with a construction company in Pakistan. Screenshot taken by INKY of a typical scam email used by conmen to trick Netflix users into parting with their data. AND THE LOSER IS… Victims were presented with a legitimate-seeming prompt to enter their name, address, and bank details – the vital data was then sent for harvesting to a third-party site controlled by the crooks behind this high-value-production con. The script used by the conmen might not be winning a Golden Globe award any time soon, but it was solid and convincing nonetheless. “Netflix was unable to collect a payment because the method of payment is no longer valid or has expired,” it read. “To resolve the issue, update your payment method.” And just as it doesn’t always take fine prose to win over an audience and boost one’s ratings, it would appear the dodgy producers behind this latest scam were enjoying quite a bit of success with their own brand of doggerel until INKY stepped in. “Be cautious of zip file attachments since these can’t be previewed,” it said. “Use another form of communication to contact the sender and confirm the safety of the attachment.” INKY also urges those who want to avoid being starstruck by cybercriminals to always visit a company’s website directly via their own browser and search engine rather than clicking on email attachments and links. -------------------------------------------------------------------------------- MORE FROM CYBERNEWS: The Ethereum Big Merge: panacea for climate change or goldmine for scammers? $30m Lazarus Group stole from Axie Infinity recovered Here’s what Uber and GTA hacks have in common American Airlines revealed sensitive user information Tech offers glimpse into dog's mind Subscribe to our newsletter Share Tweet Share Share Share -------------------------------------------------------------------------------- Editor's choice SECURITY AI startup spills employee data and corporate secrets by Jurgita Lapienytė 27 December 2022 An Indian startup focusing on artificial intelligence (AI) solutions leaked sensitive corporate data, including extensive information about its projects and employees. Read more about An Indian startup focusing on artificial intelligence (AI) solutions leaked sensitive corporate data, including extensive information about its projects and employees. Twitter data leaked - 400 million user details up for sale 26 December 2022 Choose your pickings: top five tech TV shows of 2022 26 December 2022 Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days 21 December 2022 Kremlin’s most notorious hacker: will Yakubets ever face justice? 20 December 2022 -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- Leave a Reply Your email address will not be published. Required fields are marked Comment Name Email Privacy Policy Agreement I agree to the Terms & Conditions and Privacy Policy . Post comment * Categories * News * Editorial * Security * Privacy * Crypto * Cloud * Tech * Reviews * Antivirus Software * Password Managers * Best VPNs * Best VPN for Android * Secure Email Providers * Website Builders * Best Web Hosting Services * Tools * Password generator * Personal data leak checker * Password leak checker * Website security checker * VPN speed test * Coupon codes * ENGAGE * About Us * Send Us a Tip * Careers * * * * * * * About Us * Contact * Send Us a Tip * Privacy Policy * Terms & Conditions * Vulnerability Disclosure © 2022 Cybernews – Latest Cybersecurity and Tech News, Research & Analysis. This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy . I Agree