Phishers attack Netflix and Disney+ users
Phishers act seasonally: They are currently increasingly targeting users of streaming services. The phishing radar warns of this.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
The consumer advice center's phishing radar warns of current waves of phishing targeting users of streaming services. Specifically, the providers Disney+ and Netflix are being used as bait for the scam attempts. A clever timing: just in time for the start of fall, people are spending more time indoors and watching more TV.
(Image: Phishing-Radar)
According to the NRW consumer advice center, which operates the phishing radar, internet users found an increasing number of fraudulent emails in their inboxes on Tuesday of this week requesting that they update their Netflix payment details. The subject line of the phishing emails reads "Your account is blocked". Clear indications of a fake are the short informal address and grammatical errors, the authors explain.
The unprofessional design is also striking. The Netflix logo has a black background on the otherwise white email background. The message refers to an alleged payment problem. Payment details need to be updated to restore access to the account. A large "Update my payment details" button then redirects to the phishing page. Neither the sender address nor the target link are connected to Netflix, adds the consumer advice center.
Several streaming providers as bait
Another wave of phishing on Monday targeted a Disney+ customer whose subscription was supposedly being suspended. The subject of the scam emails was "Please update your information".
According to the text of the email, the subscription was being suspended. The bank had rejected the debit during the last attempt to renew the subscription. Recipients should update the billing information "via the link below (sic!)". Failure to do so would result in the loss of the victim's benefits.
(Image: Phishing-Radar)
The button with the call to action and the link to the phishing page is labeled "Consult the procedure". The email also has grammatical errors and does not address the recipient at all. However, the look is less amateurish than the Netflix phishing mails.
Recipients of such messages should take a close look to see whether the layout, sender and link destination match the claimed sender. In the case of these fairly obvious phishing attempts, recipients should put the message in the spam folder. If users suspect problems with their account with streaming providers or associated payments, they should go directly to their profile on the provider's website. Real messages from the provider should then be found there.
Online criminals are currently increasingly looking for victims with new themes. Last week, the NRW consumer advice center warned of a scam in which the phishers allegedly wanted to make an appointment for a telephone call with the savings bank. The link to the supposed appointment then led to phishing pages.
(dmk)