In a new blog post, Symantec is warning users about fake Netflix downloads that claim to install the service at a low cost and a separate phishing campaign designed to steal legitimate Netflix credentials.
With Netflix launching its video streaming service in more than 190 regions worldwide, including parts of Asia and Europe, related malware scams have increased in frequency. The campaigns are targeting an ever-expanding global market of users familiar with the U.S. company’s service.
For example, in Brazil there are reports of users installing malicious files that purport to be legitimate Netflix installation packages, downloaded from websites offering discounted service. Online ads will often lure users to the fake Netflix front-ends, enticing them to download and install the executable. The goal of the Trojan package is to steal banking information residing on the affected computer.
Another scam is a standard email phishing scheme that direct users to a phony Netflix logon page. The website not only captures the legitimate Netflix user email and password, but also convinces the user to enter their bank card information because of “problems” with their recurring payment information.
The stolen Netflix credentials are then sold on the black market for as little as $0.25, often with a four account minimum offer. The thieves even have their own Terms of Service, which stipulate that the buyer should not change the account info; doing so would eventually render the account unusable by raising red flags with the real account owner who might then change the password again.
Source: Symantec | Image via Symantec