TweakTown
Tech content trusted by users in North America and around the world
5,918 Reviews & Articles | 38,129 News Posts

Netflix phishing scam tricks subscribers to steal data from their PC

Scammers originating from India found duping Netflix subscribers to steal files, images and even credit card details (NASDAQ:NFLX)

| Hacking & Security News | Posted: Mar 4, 2014 5:13 am

There's a new phishing scheme which involves Netflix and using the fear of having your account suspended unless you call the company's 'tech support'. Jerome Segura of Malwarebytes Unpacked uncovered 'Tech Support' scammers where they try to use Netflix account suspicion scare to steal its victims' photos, name, address, passwords and even credit cards.

 

TweakTown image news/3/5/35924_1_netflix_phishing_scam_tricks_subscribers_to_steal_data_from_their_pc.png

 

Segura said that the error from Netflix urged him to call the 1-800 number on the screen, which was not the official support number and therefore prompted deeper investigation. Upon contacting the fake tech support, the representative made him download a 'Netflix Support Software' which turned out to be Teamviewer. After the remote connection was made, the scammer said that his account was suspended because of 'illegal activity' and showed 'proof' using a 'Foreign IP Tracer' which was a custom-made Windows batch script.

 

What was strange is that the tech support scammer advised him to connect with a Microsoft Certified technician. He also went ahead and transferred the call to a certified technician (fake, of course) who already had Teamviewer access. The fake support explained the issue and drafted a bill for installing network firewall, AVG antivirus cleanup followed by a $50 fake Netflix discount coupon and offered a discount. What was later found out that the scammer was trying to buy time and distract the victim. In the meantime, the scammer was going through his personal files and stealing data of his interest, as found in TeamViewer file transfer eventlog.

 

TweakTown image news/3/5/35924_2_netflix_phishing_scam_tricks_subscribers_to_steal_data_from_their_pc.png

 

The fake support wanted his credit card credentials, but asked for a picture of his ID card and credit since 'the internet is not secure and needed proof of his identity'. Since he didn't have it, they tried to activate his webcam so that he can show the cards, but the author disabled his webcam, and that's where the call ended.

 

After tracing the IP address that was available from Teamviewer's logfile, it was found that the connection originated from India, and the download file was from a newly registered domain. Though a lot of people would eventually know that its a scam, many may not- or be distracted as their Netflix account was suspended due to suspicious activity. Its important that one does not use their login credentials on their unknown website and always best if you contact official customer support and verify such claims of account suspension.

NEWS SOURCE
Blog.malwarebytes.org

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases