Daredevil hackers are targeting Netflix users with a new phishing attack that attempts to break bad with their credit card details. Security outfit FireEye discovers the scam, which targets binge watchers using an email asking them to update their Netflix membership details.
If users are fooled into clicking the malicious link within the email, they’ll find themselves directed to a legitimate looking Netflix login page. One signed in, they will be asked to enter further details such as their name, date of birth, billing address and payment card information, and then directed to the official Netflix website.
The security firm goes on to note that the phishing campaigns it observed are no longer active, so it’s unlikely this scam will bring whole House of Cards down for the streaming giant. Stranger Things have happened, though.
Hackers used two methods, the first involving a malware that tricked people into believing they’ve downloaded official Netflix software. Clicking on the dodgy file downloads a trojan in the form of Infostealer. Banload, which is capable of lifting sensitive information including banking details.
The second method, like this latest scam, targets users via phishing campaigns that attempted to redirect people to a fake Netflix website.