Were You the Target of the Netflix Email Scam?
In early November 2017, millions of subscribers to the popular online American entertainment company, Netflix, received an email asking them to update their billing information urgently. The email appeared to be legitimate and sent directly by the company, asking users to update all their account details within 48 hours, otherwise their account would be suspended.
The email contained a link to a fake Netflix landing page whereby subscribers were prompted to fill in their login and personal information, as well as their credit card details. The information was then used identity theft and money from the unassuming victims.
This isn’t the first time Netflix subscribers have been targeted by phishing scams, the online security company FireEye, warned users back in January that they were under threat and that fraudulent emails were being circulated. It hasn’t yet been determined how many people were affected by the scam, but it’s known that the email was sent to millions of subscribers.
This is far from a new occurrence: just last week, news broke that the popular WhatsApp app had been hacked into, appearing on the Google Play Store and being downloaded over a million times. While the malware-version of the app has been removed from the Store, the fact that millions of users could be fooled into downloading what appeared as the official version of the app has terrifying implications – and it is a threat we’re still far too vulnerable towards, as Netflix users learned only a few days later.
Protecting Your Identity in Today’s Cyber Age
Keeping in mind the WhatsApp and Netflix cases above, it seems that online phishing scams have evolved in leaps and bounds compared to what they were a few years ago. Granted, the age old phishing scam whereby a Nigerian Prince is desperately looking to offload his fortune, is regarded as an absurd and comical attempt to lure victims and most internet users would never fall for such a scam. However, phishing scams have evolved significantly and are now a sophisticated and very effective method of cybercrime.
Modern phishing scams, such as the recent Netflix and WhatsApp scams, are meticulously planned and executed and even people who are internet savvy and are careful not to download viruses can still become victims of phishing scams due to their ingenuity. Phishing scammers work hard to ensure that the fake emails are expertly written and perfectly match the company’s official emails. In this instance, the fake Netflix email was personalized to include the user’s name, regular Netflix auto-filling backsplashes, and the company logo. It even replicated the regular HTML used on the Netflix website.
Typically, when a person tries to access a suspicious webpage their default internet security will warn them, however, phishers tend to host their phishing pages on credible URLs which ensures they won’t be flagged by security scanners. These URLs include compromised WordPress blogs and other defunct sites, and it’s extremely difficult to ascertain whether the site is malicious.
Hackers try to obtain your name, address, phone number, Social Security Number, Credit Card details, and more. Needless to say, this information in the wrong hands can be disastrous and it’s essential to protect yourself online. Identity theft protection services have developed software and strategies to help keep you online identity secure. This software includes programs which can identify phishing content contained in websites and emails, or suspicious use of your personal details, and then once it detects a potential conspicuous activity, alerts you and asks if you were responsible…or not. The software is usually integrated into web browsers and email clients and it will alert you whenever it detects something suspicious. As mentioned, phishers can bypass ordinary security scanners, but sophisticated identity protection software is rarely fooled.
Secure Your Online Identity
To prevent phishing attacks and secure your online identity there are several measures you need to take:
- Get informed about phishing techniques: This is possibly the most effective method of phishing prevention. If you make sure to stay updated on the latest phishing trends you are unlikely to be caught out. The more vigilant you are the safer you are. If you’re aware that phishers are on the prowl for unsuspecting victims, you’re far less likely to click on links that aren’t hosted on trusted and official sites.
- Always verify a site’s security: There are few tell-tale signs to look out for whenever you provide personal information or bank details online. The most obvious is the URL which should always begin with “https,” if it doesn’t, don’t fill in any information. You should also check the site’s security certificate before downloading any files.
- Use firewalls and antivirus software: Firewalls can prevent you from accessing a fraudulent website or from downloading a virus-laden file. Antivirus software is designed to protect you against phishing scams by scanning each link before it’s opened. There’s no guaranteed way to stay safe, but if you invest in quality firewall and antivirus software the chances of you becoming a victim are significantly lower.