Netflix Users Targeted with Phishing and Malware Scams

February 16, 2016, Written By Lynn Oldshue
Netflix

Since its creation in 1997, Netflix has grown to be a popular streaming video service available in 190 countries. This popularity has caught the attention of cybercriminals hoping to cash in. Symantec recently discovered that scammers are targeting Netflix users with malware and phishing campaigns.

Malware
One group is using malicious files disguised as Netflix icons on compromised computers’ desktops. When the user clicks on this fake icon, the Netflix home page opens as a decoy while files are secretly downloaded from Infostealer.Banload. This software, used primarily in Brazil, steals banking information from affected computers.

These fake icons are likely downloaded by users who have been fooled by false advertisements, or offers of free or cheaper access to Netflix.

Phishing
Phishing is a fairly common type of attack. Users generally receive a fake email that directs them to a false Netflix website. The consumer is then asked to enter their login credentials, personal information and payment card details.

Symantec discovered one such campaign on January 21, which was designed by Danish users. The email told customers that their accounts needed to be updated because there was an issue with their monthly payment. The emails were sent from [email protected][REDACTED].com with the subject “Opdater Betalingsinformation”. The website has been shut down.

Black Market
Netflix login information has become quite valuable on the black market, and criminals can purchase access to Netflix at a free or reduced price or even open their own illegal store with this information.

Most of the offers are for existing Netflix accounts, which either provide a month of viewing or full access to the service. The seller of this illegal account instructs the buyer not to change the password, as it will alert the user who has had their account stolen.

Netflix account generators are also available. They are created using tools from stolen Netflix subscriptions or payment card details. The scammer keeps a database of accounts, and buyers can purchase this software for themselves so that they can sell illegal Netflix accounts on the black market.

Protection
Netflix advises customers to only download and purchase Netflix from official sources. Do not download services at a free or reduced price, as they may contain malicious files or be designed to steal data.



The information contained within this article was accurate as of February 16, 2016. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.