Is Your Netflix Account Safe? New Scheme Found Stealing Passwords and Bank Details
If you’re a Netflix user, you probably know why it is a digital success story. Netflix leveraged faster Internet speeds and mobile technology to become one of the biggest video-distribution networks in the world. With over 75 million subscribers, Netflix has made “binge-watching” commonplace—a near-universal experience for the modern couch potato.
Recently however, it was discovered that hackers have been targeting the service's expanding membership base. According to reports, cybercriminals are stealing user details like passwords and bank credentials via phishing campaigns and a Trojan malware—potentially for sale on the Deep Web. In this scheme, the Netflix user is tricked into clicking on a malicious link found in an email or a website which leads them to fake login page of the service. As soon as the user clicks on the link, the malware harvests account information. Additionally, the cybercriminals behind the scam are selling the stolen Netflix passwords on the Deep Web for as cheap as 25 cents a pop, or a minimum purchase of four accounts for a total of $1, adding that it has 300,000 passwords in stock—notably putting the victims at even greater risk.
Moreover, its “terms of service” warn customers not to change any account details as this would alert the real subscriber to unauthorized activity. These stolen Netflix accounts could be perused by any black-market shopper and use the pilfered credentials for just about any paid online service. The sophistication of the scam suggests that these schemes aren’t one-off jobs, but rather part of a proficient business model that potentially feeds the Deep Web economy.
[READ: Gone Phishing: How Phishing Leads to Hacked Accounts and Identity Theft]
A Netflix user can tell if their account is being used illegitimately when random shows and movies appear in the “Continue watching” field, and by receiving arbitrary recommendations of what to watch next. If your Netflix account is being used without your knowledge, you can check a list of content that has been recently watched via the Netflix website, then click on the downward-facing triangle beside your account found on the top right of the screen. Choose your account, and under your profile choose “Viewing Activity”. Click on the “See recent account access” link at the top of the page to view which devices have also been checked in. You will see an option on your Netflix account page to “Sign out of all devices”. Lock outsiders out by changing your password by clicking on “Change your password” under “Membership & Billing”.To avoid becoming a victim of the Netflix scam in the first place, be careful not to access Netflix content from third-party or unofficial advertisements that promise to offer Netflix for free or at a reduced price, or from social media links and posts. Be sure to access content only through its dedicated Netflix apps or website.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases
- Exploring Potential Security Challenges in Microsoft Azure