New phishing campaign targets Netflix users’ credit card details

New phishing campaign targets Netflix users’ credit card details

Cyber security experts have warned Netflix users about a new phishing campaign that attempts to steal their credit card details.

The campaign, which was uncovered by researchers at FireEye, involves an email sent to victims that asks them to update their Netflix membership details.

If they click the link, they are sent to a phishing site that asks for their Netflix login credentials as well as their personal details and credit card information.

When victims have completed these forms, the site redirects them to the legitimate Netflix homepage in an effort to make the scam harder to detect.

The researchers also noted that the client-side HTML code was obfuscated with AES encryption to evade text-based detection and the phishing pages were configured in such a way that they would not be displayed at companies including Google and PhishTank.

In a blog post analysing the campaign, the security experts said the phishing sites they observed were no longer active at the time of writing.

Internet users must be constantly on the lookout for phishing campaigns, which attempt to trick them into handing over login details and other sensitive information.

At a roundtable in December, Verizon’s managing principal for investigative response Laurance Dine said increased user awareness is key to stopping such attacks.

“Awareness is the number one way that we can combat that kind of situation,” he said of these cyber criminal tactics. “That is where we are going. That is what we have got to do. We have got to make people aware: ‘Be careful and do not click on that link.'”

To help you avoid falling victim to phishing attacks, Business Reporter has compiled a list of the top five cyber criminal tactics to watch out for in your email inbox.

For more on the Netflix phishing scam, see the FireEye blog.

Photo © Helge Thomas (CC BY 2.0). Cropped.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]