Cybersecurity experts have uncovered an SMS phishing campaign Netflix users in an attempt to steal accounts and credit card information.
Hackers are sending fraudulent text messages that claim the victim has failed to pay on their registration and the account will be suspended soon.
A link is also included that takes users to a site designed to look like the Netflix platform, prompting them to provide login and credit card information.
Experts recommend Netflix members be alert for messages from the streaming giant as subtle signs point to a terrorist.
The language used in these messages is dead, such as grammatical errors, and links and words unrelated to ‘Netflix.’
Cybersecurity company Bitdefender, which uncovered the fraud, has identified fake messages, including several containing misspelled words and strange links.
‘NETFLIX : There was a problem processing your payment. For your services to work, please log in and confirm your details at: https://account-details(.)com,’ one message reads as a typo.
Bitdefender has advised users not to open messages from unknown senders and if they do, not to click on links that contain the text.
Netflix users are being warned of a ‘dangerous’ scam that aims to steal their accounts and credit card information
“We will never ask you to enter your personal information in a text message or email,” Netflix said in a statement about the fish messages.
‘We will not ask for payment through a retailer or website. If the text or email links to a link you do not recognize, do not touch or click on it.
Bitdefender discovered that the scam has been taking place in 23 countries, including the US, since September.
Other countries involved are Germany, Spain, France, Greece and Australia.
The main security problem is that Netflix does not have 2FA (two-factor authentication) and only depends on username and password,’ Bitdefender shared.
‘This means that Netflix customers are at risk of having their account taken using a profile.’
Many Netflix users who have received fake messages have shared how others can avoid being scammed.
Miguel A. Calles, security researcher, he sent the message he received: Note that ‘http://netflix.com’ is at the beginning of the domain. So that should make sense at first glance, right?
Miguel A. Calles, a security analyst, posted a message he received, which shows how the documents include language errors.
Bitdefender has advised users not to open messages from unknown senders and if they do, not to click on links that contain the text.
‘Did you notice that the address starts with “http://” instead of the “https://” that Netflix and other big companies force?’
He went on to explain that criminals would also add ‘911’ to the URL to trigger a rush among victims.
‘Having this number in the address plays with our conscience that we have to take immediate action,’ Calles added, urging users not to cut links from unknown texters.
But if users accidentally click on the link, Bitdefender explains the lengths to which criminals will go to steal your data and money.
‘Interestingly, they want to see if you’re a robot. This is done to give potential victims a sense of security and to ensure that they are visiting a legitimate website,” the company shared.
‘The next step is to collect information from Netflix customers. Once the user provides the credentials, the attackers have them.’
Once the login details are submitted, a ‘Your account has been temporarily suspended’ warning will appear on the screen with an alternative payment method.
‘There is also the option to pay via Gift Card instead of credit card, which is great,’ said Bitdefender.
‘Netflix offers the option to buy gift cards, but it’s important to note that they are not available in all regions.’
If users fall for the scam, the company explained that ‘their Netflix credentials and payment information may end up on the dark web, where they will be sold in bundles or as a single item.’
