Watch Netflix? Beware of the Latest Email Phishing Scam featured image

Watch Netflix? Beware of the Latest Email Phishing Scam

by John DiGiacomo

Partner

Cyber Security Data Breach

A Netflix phishing scam has been identified and users in the United States are being cautioned about an email that targets credit card information and other personal data. A California-based cyber-security firm recently identified a phishing email campaign affecting the popular video streaming service’s customer base. This latest attack is just another example of how important it is to scrutinize any email from anyone, including large trusted companies, that asks you to click a link contained in the email for the purpose of entering or updating personal information or credit card payment information.

How the Netflix Phishing Scam Works

Disguised as an email sent by Netflix for the user to update their membership details by clicking a link contained in the email body. Unsuspecting Netflix subscribers who click the link are redirected to a fake site that mimics the appearance of the real Netflix login webpage. Users who are none the wiser enter their login credentials and are directed to pages that request customer personal information. This includes the user’s name, date of birth and address, and credit card payment information, including credit card type, card number, expiration date, name on the credit card, credit card holder’s social security number, and the security code for the credit card.

From this kind of data, a hacker could make fraudulent credit card purchases online, open lines of credit in a victim’s name, sell the victim’s data and credit card information, and much more. With how much talk there is about phishing scams being one of the leading causes of data security breaches, it might seem like no one should be taken advantage of by a phish email scam. But a surprising number of phishing emails are opened by recipients, and a startling number of links contained in phishing emails are clicked on.  

Highly Sophisticated Phishing Ploy

This most-recent Netflix phishing scam is striking in that it was well orchestrated against detection as fraudulent email. The hackers used highly sophisticated techniques and methods to mask their email campaign from being detected. Specifically, the attackers took steps:

  • So that legitimate, but compromised, Netflix servers hosted the phishing webpages.
  • So that users with certain IP addresses would not be displayed the phishing pages in order to avoid detection of the phishing ploy, i.e., if it was likely that the user’s DNS would resolve to companies such as PhishTank or Google.
  • To ensure that the client-side HTML code associated with the phishing pages was obfuscated by the use of AES encryption.  

Contact a Cybersecurity Lawyer

Data security breaches happen all the time and sometimes companies and people fall victim to phishing attacks. Cybersecurity attacks are getting all the more sophisticated with each passing day and the laws surrounding cybersecurity issues are continuously evolving to address new challenges. Revision Legal stays up to date on cyber security law and new cyber threats. Revision Legal works closely with cybersecurity victims and helps them deal with the aftermath of security breaches and we can help you manage your situation after suffering a data breach. Contact the experienced data breach attorneys at Revision Legal as soon as possible if you need help. Contact Revision Legal data breach attorneys using the form on this page or call us at 855-473-8474.

Image credit: Global Panorama

Extra, Extra!
Recent Posts

2025 Changes to Trademark Fees

2025 Changes to Trademark Fees

Trademark

There are some significant changes coming to the United States Patent and Trademark Office (USPTO) that will affect trademark filings beginning January 18, 2025. These changes include the introduction of the Trademark Center, new fees, and revised application requirements. Here is an overview of the key changes: The USPTO will retire the TEAS system, which […]

Read more about 2025 Changes to Trademark Fees

Automated Decision-Making Technology: California Releases Proposed Regulations

Automated Decision-Making Technology: California Releases Proposed Regulations

Internet Law

In today’s competitive e-commerce landscape, automated decision-making technology is becoming more and more important. From personalized product recommendations to targeted advertising and streamlined logistics, these systems help ecommerce businesses adapt and grow. But new regulations are on the horizon, and these changes could reshape the way e-commerce businesses use automation. The California Privacy Protection Agency […]

Read more about Automated Decision-Making Technology: California Releases Proposed Regulations

FTC Adopts Final “Click to Cancel Rule”

FTC Adopts Final “Click to Cancel Rule”

Internet Law

The Federal Trade Commission (FTC) has issued final amendments to its trade regulation rule concerning negative option plans, also known as the “click to cancel rule.” This rule aims to address widespread deceptive practices that prohibit customers from cancelling services in the same manner in which they signed up. Here’s a detailed summary of the […]

Read more about FTC Adopts Final “Click to Cancel Rule”

Put Revision Legal on your side