Netflix phishing

Have you received an email on behalf of Netflix about a blocked account? Then watch out! You are dealing with a phishing email here.

According to the message, more than four people would have access to your account. Netflix therefore believes that third parties can view your data. For this reason, your account has been blocked.

Phishing for data

To remove the block, you must click on the button in the message. You will be redirected to the so-called video on demand service website. Here you will be asked to log in. Do not do this! Netflix is not behind this message. In this way, criminals try to obtain your data for fraudulent purposes.

Blockade removed

Not only your login details, but also your name, address and credit card details are requested. We strongly advise against sharing it. After entering the data, it is reported that the block has been removed. You will then be redirected to the real Netflix website. By then your data will have ended up in the hands of the cyber-criminals.

Have you received an email from ‘Netflix’ that you need to update your payment information? This one is fake! Do not fall for it and immediately throw away the phishing email.

How do you know this is fake? Because Netflix simply stops your subscription until payment has been made. So you will find out soon enough if your information is not in order.

Netflix phishing

Netflix phishing comes in all types, and this time, we found a fake Netflix site which can easily be mistaken for the official Netflix support page.

The Netflix phishing site that caught our interest is the site ‘support-netfliix[.]com‘. The reason for this is simple, if Netflix is going to provide support, they will do this via their official channels, and support-netfliix[.]comis not owned by Netflix.

Now that is suspicious! So we took a look.

Cyberwarzone

Fake Netflix support website

Netflix phishing page asking for mobile number info

In the picture above, it is clear, that the cybercriminal tries to obtain the mobile phone number of the victim, by asking them to fill in a form which is titled ‘What’s your mobile number?’.

Verification if number provided is in phone number format

We tried to type some random numbers into the form, and it got caught. This means, that the cybercriminal has taken some extra steps into the form to make sure that a phone number is actually provided in the form.

Here the phishing page requests the victim for their password

We provided our real number as you can see in the picture above. Once we provided our number, we were send to another page, which again requested us to provide our password. This might be used by the cybercriminal to have an easy check to find real credentials.

The cybercriminal does not stop there. Once we provided a random password, we got navigated to the next page which requested full details.

Conclusion

As you can see in the pictures above, the cybercriminals do not care if it takes them multiple steps to have a complete profile of their victims. Always be cautious, and only make use of the official sites, in this case, that would be netflix.com.

Indicators

support-netfliix.com
93.157.63.125