Symantec discovers phishing attach targeting Netflix users

According to recent research by Symantec, cyber-criminals are stealing users login credentials for popular online streaming service Netflix in an attempt to steal banking information. One malware campaign involves malicious files posing as Netflix software on compromised computers desktops. The files are downloaders that, once executed, open the Netflix home page as a decoy whilst downloading Banload, a Trojan primarily used in Brazil that steals banking information.

Another campaign involves the phishing of Netflix credentials. The streaming service allows between one and four users on the same account, meaning that an attack can piggyback on a user’s subscription without their knowledge. In these phishing campaigns, attackers redirect users to a fake Netflix website to coax the user into providing login credentials, personal information and payment card details.

In addition to the campaigns, there is an underground economy targeting users who wish to access Netflix for a reduced price or free. These accounts either provide a month of viewing or give full access to the premium service. In most advertisements for these services, the seller asks the buyer not to change any information on the accounts, such as the password, as it may render them unusable. This is because a password change would alert the user who had their account stolen of the compromise.

the paypers logo

The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.

 

The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.

 



No part of this site can be reproduced without explicit permission of The Paypers (v2.7).

Privacy Policy / Cookie Statement

Copyright