Internet scams have become harder to detect lately, hence making it important to be very careful when visiting websites and opening emails that seem even slightly suspicious. There has been a new Netflix phishing scam that tries to steal users' login and credit card information and billing address by tricking them into updating their account.
Cloud office security platform, Armorblox, spotted the phishing attack a few weeks ago when Netflix customers reported about receiving emails that were apparently from Netflix Support. The emails convinced customers that there was a problem in the verification of their personal details which was resulting in issues with their billing. This was followed by a warning that their accounts would be cancelled in 24 hours if they didn't manage to update their personal information.
Clicking the provided link took customers to a website that looked everything like Netflix's original website. The website page asked users to part with their Netflix login credentials, billing address, and credit card details. Targeted users were then redirected to the actual Netflix home page after the phishing flow was complete.
According to Amborblox, this was a noteworthy scam, for it was able to get through email security controls. The hackers' foremost trick was to make the entire procedure look quite legitimate and they successfully did convince some Netflix customers. In addition to that, the Netflix clone site was even hosted on a legitimate parent domain. By doing this, the hackers were able to evade security controls based on URL protection and get past filters that block known bad domains.
Moreover, the Netflix clone site actually does look like the real Netflix login page.
It is very easy to fall for such scams if they are able to make their way into your inbox and that is why it is important to remain updated about various phishing attacks.