Netflix Users Targeted with Phishing and Malware Scams Stealing Credit Card Data

Malware in Netflix Apps Steals Credit Card details of Users— Symantec Researchers

Netflix Apps delivering more than movies:

Netflix has become excessively popular among people all over the world as it offers free online entertainment. But, this popularity has also made it the eye candy of hackers and malicious actors. As per Symantec’s analysis, Netflix is not free from malware at all as it has been involved in various attacks that their team has identified so far. One of which is related to fake Netflix apps.

It has been discovered by Symantec that fake Netflix apps have been loaded with such a strong malware that it can easily steal credentials of registered users along with their credit card details and banking information. Researchers explained that victims are redirected to Netflix website but the Infostealer.Banload Trojan also gets installed in the background. This Trojan steals the victim’s bank information.

netflix-users-targeted-with-phishing-and-malware-scams-stealing-credit-card-data
Malware files posing as Netflix software / Image Source: Symantec

According to Symantec’s senior security response manager Satnam Narang, this malware has been disguised as those Netflix applications, which are usually “downloaded by users who may have been tricked by a fake advertisement or offers for free or cheaper access to Netflix.”

However, the extent and/or scope of this attack haven’t been determined by Symantec yet and the firm is also unable to analyze the infection rate as of now. What the firm did discover, says Narang, is that user credentials are stolen by a second attack that also is launched via Netflix.

Basically, the hackers have started this new phishing campaign to trick innocent Netflix users and steal their credentials by redirecting them to a bogus Netflix website. The phishing emails (some coming from netflix@fakt[REDACTED].com ) have been designed to appear identical to the original notification sent to users by Netflix.

The increasing incidences of Phishing attacks:

Every other day we hear about prominent online sources being targeted by phishing scams and it won’t be an understatement that phishing attacks have emerged as a serious concern for security experts.

In a recent Cloudmark report, it was revealed that 91% organizations were targeted by malicious actors via phishing attacks in 2015. It is though not a new phenomenon but phishing attacks mostly are successful in exploiting innocent users.

Possible Perpetrators Behind Netflix Malware Campaign:

Apparently, the latest phishing attack involving Netflix apps hasn’t been designed by an individual hacker but it seems to be part of a very elaborate scheme with a full-fledged business model around it. Symantec states that stolen Netflix accounts are in demand right now at underground web market because these offer extensive access to Netflix services without involving high expenses.

Symantec detected one such platform that promises users “freshly cracked accounts” and it is called Netflix Generator. This tool is daily updated and the offered accounts can be bought, used and even resold to other individuals. Thus, Symantec experts believe that this scheme is part of an illegal scam that thrives upon stolen user credentials. As per Narang, the research findings were shared by Symantec with Netflix itself before making it public.

netflix-users-targeted-with-phishing-and-malware-scams-stealing-credit-card-data-3
Advertisement for the sale of Netflix accounts which leads to malware / Image Source: Symantec

It is possible that Symantec can play a prominent role in curbing the risk associated with this new campaign and protect its users’ privacy by augmenting the security of its apps, states Narang. It is a well-known fact that “Symantec and Norton products protect users against the malware. We detect the fake Netflix applications as Downloader and Infostealer.Banload.”

 

However, he recommends that “users should be skeptical of unsolicited emails claiming that they need to update their Netflix account” especially those users who seek cheap or free access to Netflix.

Going a step beyond relying on technology to protect against Netflix-related attack campaigns, Narang advises users to exercise caution about emails claiming to be from Netflix.

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.