since netflix has 192.95 million subscribers, this seems like the right time for hackers to crack. As expected, phishing campaigns are new in nature. This time the phishing attack was aimed at stealing Netflix user credentials.
The new phishing Attack
Armorblox researchers have discovered a new wildlife phishing for Netflix users. They shared details in a post, revealing that a new phishing attack was aimed at stealing Netflix credentials and other data.
In short, this campaign also uses email to loot users. The attack starts when phishing emails reach the user’s inbox. Presented as an email from Netflix and informing about problems with user billing and payment details. To create a sense of urgency, users are also asked to log out within 24 hours.
Clicking on the embedded phishing link will direct the user to the phishing website. At this point, the victim can enter details and believe that the page is correct. And here all confidential information is given to the attackers. Phishing pages direct users to the original Netflix website. Therefore, the victim will never know about a phishing attack unless affected.
Using Captcha To Avoid Detection
The overall phishing strategy in this campaign is similar to most other campaigns. However, what makes it successful is the use of CAPTCHA.
If you click on the email link, the original destination leads to a CAPTCHA page that is fully functional with the Netflix brand (black background, red button). After entering the correct alphanumeric sequence, the target is taken to the main phishing site. The CAPTCHA site that functions makes every communication look more legitimate.
The inclusion of CAPTCHA also makes it difficult for security technology to rely solely on the ability to redirect URLs to track URLs to their final destination. Photographs from both sides of the CAPTCHA are given below:
In addition, the attackers behind this campaign ensure that all phishing websites are hosted on legitimate domains. Therefore, these phishing attacks and the like can be victims for Internet users at any time. The only way to keep users safe is to be careful when dealing with such emails.
the best way to prevent this scam is to never click on the link embedded into the email Even though the email is correct, it is recommended to manually enter the service URL in a new area of your web browser and check if there is anything in your account in the email you just received. Or contact customer service to inquire about the legality of signals that you don’t recognize.
