Email campaign impersonating Netflix detected

An email campaign has been detected that impersonates Netflix, the famous video-on-demand platform. Its objective is to redirect the victim to a fake site (phishing) that claims to be legitimate, in order to steal their personal data and passwords.

Affected resources:

Any Netflix customer who has entered their personal and bank data on the fake site.


If you have received an email like this, followed the link and entered your personal and bank data (card number, expiration date and security code), contact your financial institution as soon as possible to report what happened.

Avoid becoming a victim of phishing fraud by following our recommendations:

1- Do not open messages from unknown senders; delete them directly. Do not reply to any of those emails.

2- Be cautious when clicking links and downloading attachments, even if they come from people you know.

3- If the site has no certificate, or the certificate does not correspond to the site you are accessing, do not provide any information about yourself: user name, passwords, bank data, etc.

4- If in any doubt, consult directly with the entity involved or with trusted third parties, such as the OSI of INCIBE and the national police (FCSE).


The emails detected in this new malicious campaign impersonating Netflix can be identified by the following subject line: “Update your payment information”.

The email’s content informs the user that there has been an error while processing the regular monthly payment for the Netflix service. To fix this problem, the user is asked to follow the link provided in the email, as we can see in the next image:

Once the user clicks the link, they are automatically redirected to a form that asks for their personal data and credit card details.

After entering the data and pressing the “payment system update” button, the fake site shows a message telling the user to enter the confirmation code they will receive by mobile message, to make the process more believable. Of course, the code never arrives. This kind of fraud is known as phishing.
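The traits described above (Netflix named as sender, the “Update your payment information” subject, a link leading away from the real site) can be checked automatically on a received message. The following Python sketch is an added example, not part of the original advisory; it assumes `netflix.com` is the only domain treated as genuine, and the two sample messages and their `.example` hosts are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

CAMPAIGN_SUBJECT = "update your payment information"  # subject given in the advisory
BRAND = "netflix"
LEGIT_DOMAIN = "netflix.com"  # assumption: the only domain treated as genuine

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def link_hosts(msg):
    """Collect hostnames of http(s) links found in the text parts."""
    hosts = set()
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        raw = part.get_payload(decode=True) or b""
        body = raw.decode(part.get_content_charset() or "utf-8", "replace")
        for url in re.findall(r"https?://[^\s\"'<>]+", body):
            host = urlparse(url).hostname
            if host:
                hosts.add(host.lower())
    return hosts

def assess(raw_email):
    """Return the reasons a message matches the campaign pattern (empty if none)."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    subject = " ".join(msg.get("Subject", "").lower().split())
    claims_brand = BRAND in name.lower()
    reasons = []
    if claims_brand and not under(addr.rpartition("@")[2], LEGIT_DOMAIN):
        reasons.append("sender domain does not match brand in display name")
    if CAMPAIGN_SUBJECT in subject:
        reasons.append("campaign subject line")
    foreign = sorted(h for h in link_hosts(msg) if not under(h, LEGIT_DOMAIN))
    if claims_brand and foreign:
        reasons.append("links leave brand domain: " + ", ".join(foreign))
    return reasons

# Constructed sample messages (not taken from the campaign).
PHISH = ("From: Netflix <support@account-notice.example>\n"
         "Subject: Update your payment information\n\n"
         "Fix it here: https://www.netflix.com.billing-update.example/pay\n")
LEGIT = ("From: Netflix <info@mailer.netflix.com>\n"
         "Subject: New arrivals this week\n\n"
         "Watch now: https://www.netflix.com/browse\n")
```

The suffix comparison in `under` is what catches a host that merely begins with `www.netflix.com` but belongs to another domain, a case a plain substring check would let through.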









