There is another variation on the bank account phishing scam – this time targetting NetFlix customers and with the potential for a lot of harm.
A pop up screen or email claiming that your Netflix account has been suspended, with a phony login screen that resembles NetFlix. (www.netflix.someotherplace.com).
They will capture your netflix login info (of course), but that’s not the main prize. You are prompted to call a 1-800 (in India, as it happens, but it could be redirected anywhere) where a ‘support technician’ will get you to download remote access software which lets them have full access to your comptuter. They will then load some ‘malware checking’ or ‘intrusion checking’ software, which is phony (of course) and will show you that your machine has lots of trouble (of course) – then they will offer to ‘fix’ it for you for $300 give or take.
But in the mean time, while you are distracted by this dog-and-pony show, they are accessing your hard drive in the background and downloading personal files, website logons, passwords, financial information, whatever they can find.
And to add insult to injury, they may ask for you to show your identification cards to your webcam, ‘for security purposes’, going for the trifecta of fraud, theft of information and identity theft.
Never click on or log into a website (whether financial or otherwise) from an email or a pop up screen. Always enter the URL yourself.
I know a lot of people who rely on Google to get where they want, even to the extent of typing www.domainname.com into the Google search instead of the browser’s location bar. The risk is twofold: Google search results may include spoof sites, and your browser may be compromised by a search engine redirector which points you to other target sites than the one you intended.
Always look at the URL to make sure you have arrived at the destination you planned.
Don’t be misled by the first word in the URL. It is the last word before the .com that is significant. www.netflix.com is Netflix’s server. www.netflix.scammer.com is Scammer.com’s server. www.netflix.cm is not Netflix.com, it is some unknown site registered in the African country of Cameroon (.cm)
Never call the phone number in an Email or pop up screen. Go to the official site of the company and look for their customer service number.
Never download and install software under the direction of someone over the phone, email or online chat – DOUBLY so if the transaction was initiated by the unknown other party, no matter who they claim to be. There is one exception – if YOU have initiated a support call to a reputable company and you know you are talking to the official support department.
If you find yourself in the middle of such an scenario, pull out the ethernet cable on the machine or shut off the wireless Ethernet, or just power your machine down and then call a knowledgeable local person for help.
If you have disclosed any identity or financial information before terminating the call, please call your local police and then your bank(s) to alert them and ask for the next steps to protect yourself. Chances are you will need to change your bank and charge account number(s) and all of your online passwords.
Thanks to JÃ©rÃ´me Segura for posting this on Malwarebytes Unpacked blog.malwarebytes.org/fraud-scam/2014/02/netflix-phishing-scam-leads-to-fake-microsoft-tech-support/