Due to its expansion, Netflix has been getting more and more attractive to cyber criminals lately. Of course, their main purpose is to take advantage of its numerous users.
Security researchers claim that currently the users of Netflix are targeted by a new malware campaign which advertises itself as a cheaper method of accessing and watching movies on Netflix.
When compared to many malware operations, the above-mentioned campaign is unique because instead of relying on spam email, it relies on adverts which redirect interested users to a direct download website from where they obtain the malicious files themselves.These files are spiked with a malware family called Infostealer.Banload. This is a popular banking trojan which is capable of stealing credentials for various online banking portals.
Infostealer.Banload was first noticed in 2015, and this malware is presently part of a campaign targeting Netflix users, mainly in Brazil, being able to target users on Windows XP, Vista, and 7.
However, the fake Netflix applications are not the only thing users should fear. They should also be aware of the so called Netflix phishing scams, which were seen around January 2, targeting Netflix users in Denmark, who were asked to navigate to a Netflix clone website to confirm their identity and fix an issue with their latest payment.
Nevertheless, it was not only were the victims facing the possibility of losing their Netflix credentials, but the hackers behind this campaign are also collecting personal data for each user, such as credit card information, which they could later use for fraudulent transactions. Besides, users should be aware of any shady Netflix membership renting websites, which promise them access to Netflix accounts at insignificant prices.
Those who build the above-mentioned websites, are actually providing access to hacked accounts, and users may end up sponsoring a crime ring without even knowing. Also, the victims can be infected with malware if the service requires installing their custom application for accessing the corrupted service.