Tech News

Cybercriminals impersonate Netflix to steal user data

Attackers send SMS messages with a link to a fake website to get their victims to volunteer personal information. REUTERS/Dado Ruvic/File Photo

The cybercriminals use a wide variety of methods to infiltrate people’s devices in order to steal information for profit; this time they are using Netflixthe application of streaming of movies and series to obtain the data of the users.

[article_mb_code]

However, unlike most cyber attacks such as phishing, which is the most frequent, cyber criminals behind this method they choose a variant called “smishing”, which consists of sending messages SMS victims pretending to be a well-known and highly credible company such as a social network, a bank or a public institution, to steal information or make charges to their bank accounts.

These internet scams were reported in Spain by the Internet Security Office (OSI)institution that indicates that the cybercriminals who use this form of attack have the purpose of taking their victims to gateways of payment to steal your personal information.

How Netflix Smishing Works

[article_mb_code]

The goal of cybercriminals is that users deliver their access credentials to their account Netflix and for this they deceive their victims pretending to be the technology company and indicate that they have occurred payment problems from his subscriptionso they must re-enter their accounts.

“Smishing”, which consists of sending SMS messages to victims pretending to be a well-known and highly credible company such as a social network, a bank or a public institution, to steal information from users. (photo: Five Days)
“Smishing”, which consists of sending SMS messages to victims pretending to be a well-known and highly credible company such as a social network, a bank or a public institution, to steal information from users. (photo: Five Days)

In addition, to increase the level of pressure that the victim is under, the SMS that reaches the victim indicates that in order to carry out the transaction there is only one period of 24 hours or, failing that, establish a specific deadline that does not give the user the opportunity to coldly analyze the situation.

[article_mb_code]

Along with the message that was sent to the victims, the cyber criminals enter a link to a fake website which looks very similar to the one you wear Netflix in reality.

Once they fall for the deception, the victims Enter your username and password in the fields established for that data, but instead of entering their profile they are redirected to another Web page indicating that your account was suspended and you must re-enter the Bank information to login to the account.

“Your last debit failed, please update your payment methods to benefit from our services”, is the message that appears on the screen of the false web page that intends to replace Netflix. Then, the ‘Next’ button appears which, once pressed, displays a form that the user must complete with the information of billing.

[article_mb_code]
The cybercriminals indicate that the victim's login failed due to a problem with the payment method. In this way, users hand over their banking information to cybercriminals. Photo: Getty Images
The cybercriminals indicate that the victim’s login failed due to a problem with the payment method. In this way, users hand over their banking information to cybercriminals. Photo: Getty Images

Once all the steps indicated in the so-called website of Netflix, the user will go through a supposed process of SMS verification and after indicating the phone number who wants to receive it, a text message will arrive with a link that redirects to the real website of Netflix so that there is no suspicion on the part of the user until it is too late.

How to avoid being a victim

The scams that involve SMS messages they are not new and users can prevent these situations if they are found correctly informed. To begin with, if a person receives a communication from any company whose services have not been hired, it is a indicator that it is most likely an attempt to cyber attack.

In addition, in this type of situation the user should avoid pressing the link of the user because it is not known what type of pages these redirect links.

In addition, in this type of situation the user should avoid pressing the link of the user because it is not known to what type of pages these links redirect. However, if you have entered the fake websitepeople should pay close attention to the address of the site.

Sometimes they can appear misspellings such as “Nettflix” or “Netfliix”, while other cases can replace the domain .com for another that has been developed solely for this type of deception. Finally an attitude prevention can be of great help in this type of situation to avoid being another victim of cyber attacks.

:

Back to top button