NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

December 21st, 2010, 08:23 GMT · By Lucian Constantin

New Phishing Campaign Targets Netflix Users

Adjust text size:

Security researchers from Trend Micro warn of a phishing campaign targeting Netflix customers, which produces emails claiming their accounts were suspended.

The rogue emails cite credit card problems and instruct users to log into their accounts via the included link in order to update their payment information.

The messages are titled "Your Account Has Been Suspended" and read "We are sending this email to let you know that your credit card has been expired. To update your account information, please visit Your Account."

Phishers used a real Netflix email template when creating this campaign in order to add credibility to the messages. It bears the company's logo, disclaimer, contact information and color scheme.

The phishing attack works in two steps. The first one is meant to steal Netflix account credentials, the advertised link taking users to a website mimicking the Netflix login page.

Once the victims input their credentials, they are redirected to a second page displaying a form to input credit card details and other financial information.

Netflix is a very popular movie streaming and rental service, estimated to account for over a fifth of daily US Internet traffic at peak hours.

The company is also expanding outside of the United States, with Canada recently becoming its first international venture.

History has repeatedly shown that increases in popularity always attract the attention of cyber criminals, which favor targets that give them access to big pools of potential victims.

This Netflix-themed phishing campaign follows a malware distribution one targeting the company's customers back in September.

A wave of spam emails detected at the time posed as official communications from the company and directed users to a drive-by download website that silently infected their computers with malware.

People are advised to exercise caution when dealing with links in emails, even when they appear to originate from trusted sources. The real Netflix sign in page is protected with SSL and its address should begin with https://www.netflix.com.

FILED UNDER:

TELL US WHAT YOU THINK:

1,902 hits · 4 comments · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Rogue Netflix Emails Direct Users to Malicious Websites

New Phishing Attack Targets MobileMe Users

Fake Battle.net Emails Direct Gamers to Phishing Site

New Twitter Phish Employs Wrong User/Pass Trick

New Yahoo Phishing Campaign in Circulation

READER COMMENTS:

Comment #1 by: Lee on 30 Dec 2010, 09:32 UTC	reply to this comment
Today I got a request to keep my netflix account to update my credit card information. Clever but not quite clever enough since that number was stolen months earlier and I had to replace.

Comment #2 by: Zach on 22 Jan 2011, 16:24 UTC	reply to this comment
Just got one today saying "Your credit card has been expired". The grammatical error was the tip-off. The "click here" link leads to the domain retirementrc.com, not Netflix. Never, ever click on the link if you get one of these! If you think it's legit, go to the website directly, not through an email link.

Comment #3 by: ff on 25 Jan 2011, 02:10 UTC	reply to this comment
my friend typed my info into the fake netflix site from the new wave of emails..no credit card info just my netflix log on...can they get my credit card info from that?

Comment #4 by: FT on 26 Jan 2011, 13:07 UTC	reply to this comment
Just got one today as well, only that I'm not even a member... didn't bother to open it.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use