If you have an account with Netflix and see the above screen when logging into your account, you’ve been subjected to the phishing scam affecting many other subscribers just like you.
As originally reported by Jérôme Segura on the Malwarebytes Unpacked blog, scammers are becoming more creative. Previously, most phishing scams used the “Microsoft Tech Support” angle. However, so many scams have used that angle that it is now common knowledge how to keep your personal information safe from such threats. Even Microsoft itself has offered assistance, through official emails, articles, and, ironically, tech support, on how to detect these fraudulent scams and avoid them. Because of this, phishing scams are now impersonating other companies. Unfortunately for Netflix, it has been targeted. By the numbers, this is a smart choice for the scammers, since The Inquisitr recently reported that Netflix has 44 million subscribers in the United States alone.
On the blog, Segura goes through the process of the phishing scam as a demonstration for his readers. He first attempts to log into Netflix with a bogus username and password, which prompts the screen shown above. He calls the number, which is in no way associated with Netflix, and gets hold of “tech support”. He follows everything they say, to an extent, just for the demonstration, while taking screen captures and explaining how each one ties to the scam. For example, the “Netflix Support Software” is really the popular remote login program, TeamViewer. He then shows all of the phishing company’s attempts to steal his information. Worse, the phishing company supposedly “scans” his computer and says it has been hacked. The only possible thing to do, they say, is talk to a “Microsoft Tech Support” guy to get this issue fixed, after they conveniently type up an invoice.
So in a way, this is another angle on the “Microsoft Tech Support” phishing scam. If you are an unsuspecting subscriber who has downloaded the “Netflix Support Software”, the “Microsoft Tech Support” can now remotely control your computer from wherever they are. This is where your livelihood may be in jeopardy if you follow through with their instructions. The “tech support” guy will eventually ask for picture identification and a photo of a credit card as a means of “confirmation”. They’ll say the internet is insecure, so it is best to use a scanner. If you don’t have a scanner, they’ll remotely activate your camera (if you have one), so you may take pictures of what they need.
When it comes to scams, Segura is no stranger to them, as explained in an article by Wired UK. Apparently, he has been tracking internet scams for years and had this to say about them:
I’ve learned early on that trying to expose them on the phone is a pointless exercise resulting in a spiral of denial. My goal is to play along, collect as much information as I can while remaining polite in order to build a case against them. They gave themselves away many times, but that’s just because I know enough not to be caught off guard.
The investigation took place in the United States. Most likely, European, Canadian, and Australian subscribers may be affected too. Despite his expertise, Jérôme admits he was caught off guard by the Netflix phishing scam.