Netflix: watch out for scam, phishing risk
The report of a phishing campaign that is targeting Netflix subscribers (over 193 million worldwide) comes from the Armorblox team. An articulated scam that relies on the lack of attention that some could put in interacting with the emails received in the inbox.
It all starts with an email similar to the one below that refers to an error in payment and the need to update your data. A link to an external site is included in the text.
The page you are faced with after the click faithfully reproduces the Netflix interface, but one careful look you can see that the URL is suspect: the axxisgeo.com domain has nothing to do with the streaming platform.
If the unwary user enters the credentials for login these inevitably end up in the hands of cybercriminals, with all that follows. In the following steps, the billing address and the credit card details are requested.
It is almost useless to reiterate what is always the best advice to follow: beware of any communication of this type and refer only and exclusively to the official channels of the platforms (site, applications etc.) for the management of their accounts, without going through links received in the mailbox.
Source: Armoblox
A phishing campaign addressed to Netflix users
In the image below is a summary of the phases in which the action is structured in order to reach out to the credentials for accessing the service and the information relating to the credit card used to pay for the subscription.It all starts with an email similar to the one below that refers to an error in payment and the need to update your data. A link to an external site is included in the text.
The page you are faced with after the click faithfully reproduces the Netflix interface, but one careful look you can see that the URL is suspect: the axxisgeo.com domain has nothing to do with the streaming platform.
If the unwary user enters the credentials for login these inevitably end up in the hands of cybercriminals, with all that follows. In the following steps, the billing address and the credit card details are requested.
It is almost useless to reiterate what is always the best advice to follow: beware of any communication of this type and refer only and exclusively to the official channels of the platforms (site, applications etc.) for the management of their accounts, without going through links received in the mailbox.
Source: Armoblox