Netflix: a vast phishing campaign targets 70,000 French subscribers, don’t click!

Proofpoint computer security researchers have discovered a series of Netflix-related phishing campaigns. Launched at the end of 2020, these campaigns are still active and currently target nearly 70,000 French users of the platform. The aim of the attackers is to deceive users in order to gain their credentials and other personal data.


With the successive lockdowns and curfew measures in force, streaming platforms, Netflix in the lead, have never been so popular. At the start of 2021, the platform has just passed the symbolic bar of 200 million subscribers. The problem is that this success has not gone unnoticed by cybercriminals, who do not hesitate to use the image of Netflix to trap as many users as possible.

Indeed, Proofpoint’s computer security researchers have discovered a series of Netflix-related phishing campaigns, which began in late 2020 and are still active. According to their information, these attacks target around 70,000 French users. The objective is simple: to seize as much personal data as possible, first and foremost usernames and bank details.


Well-executed spam emails

The operators behind these phishing campaigns have made sure to vary their approach by sending two fake emails that use the interface and typography of Netflix. The first concerns a false account suspension and prompts users to update their payment information. By clicking on the link in the email, the user is redirected to a bogus web portal imitating the platform, where they are asked to enter their login details. According to Proofpoint, this email was sent to 20,000 French users of the service.

The second email pretends to be a subscription cancellation. It leads the user to believe that their account will be suspended due to a billing problem. A link to “restart membership” is of course included, and here again it redirects to a fake web portal on which the user is invited to enter their credentials. To make things look more authentic, the operators have seen fit to use a promotional image of The Crown, Netflix’s flagship series, to dress up the web page. This email was sent to nearly 40,000 French users.

“Growing use of streaming services requires greater vigilance on the part of users […] It is essential to adopt new safety habits. Consumers can proactively protect their streaming credentials by keeping their operating system, browsers, and plugins up to date and never clicking on any links or attachments embedded in emails if they are unsure of their origin”, advises Loïc Guézo, Cybersecurity Strategy Director at Proofpoint.