Netflix users, beware: a new tech support scam uses the popular media streaming service to steal your identity for the low, low cost of $389.97. The scam was discovered February 28th, by security researcher Jerome Segura. Segura entered the scam through a Netflix phishing site, Netflix.afta3.com
. Knowing full well what he was getting himself into, Segura played along and let the scam run its course. What he found was a novel and surprisingly comprehensive way of stealing your identity.
Your Account Has Been Hacked, Let Us Fix Itâ¦By Hacking It
Step 1: Phishing
Netflix.afta3.com
is a phishing site. A phishing site is a website created to steal visitorâs information. Netflix.afta3.com
does so by modeling itself after the legitimate Netflix member sign-in page. You give the phishing site your username and password, and the phishing site sends them to its nefarious master.
Step 2: Social Engineering
Netflix.afta3.com
tells you it has suspended your Netflix account. Another well-crafted Netflix mock-up page pops up saying âWe have detected unusual activity on your account.â To unlock your account, youâre told youâll have to call a 1-800 number. An error code is also supplied for your reference. This is social engineering: scare the user into thinking something is wrong and then supply them with a solution.
Step 3: Rogue Support
We usually use the term rogue to refer to a Trojan malware that pretends to be an antivirus software. Such software will âscanâ your computer, âfindâ a bunch of infections, and then demand payment to âremoveâ them. In Step 3 of the Netflix tech support scam, you are connected to a real-live “tech support representative.” Like a Trojan rogue, he will very seriously tell you that your account has been hacked and that the only way to fix it is with his teamâs help â which, of course, doesnât come cheap.
Step 4: Netflix Support Software
After chatting with your rogue support rep, heâll tell you that you need to download the Netflix Support Software. What he really means is TeamViewer, a software that will allow his team to remotely access and control your computer.
Step 5: Smoke and Mirrors
During Step 5, the tech support scammer basically just talks to you on the phone while his associates use TeamViewer to rifle through your computer’s files and steal the good stuff. Youâll be told that someone hacked your computer and used it for illegal activities, and youâll be shown an official looking Windows Batch Script that displays foreign infiltrations from countries like Serbia and China. Meanwhile, any files connected to your identity or finances will be stolen.
Step 6: Payment
After a bit of yammering, your tech support representative will tell you that the only way to fix your computer is to purchase help from a Microsoft Certified Technician. The cost? âUsually $439.97, but since weâre such great guys weâll give you a $50 discount, bringing your grand total to $389.97!â (Note: People who throw the word Certified around are usually less than decent human beings.)Â
Step 7: To Ensure Youâre Not Scamming Us
Finally, those who wish to purchase help will need more than just a credit card number. To ensure that youâre not scamming them (!) the Netflix tech support representative will request photographs of your credit card and your photo ID. If you canât supply this documentation, the tech support team will gladly activate your webcam (using TeamViewer) and take the snapshots for you.
How to Avoid This Scam
Seguraâs research has linked this novel combination of scamming techniques to a newly registered website, camlesh.biz,
with an Indian IP address. Accordingly, the rogue tech support rep was not a native English speaker.
If youâre reading this blog post, chances are pretty high that youâre immune to this type of attack. While it may combine traditional scamming methods in a novel way, the truth is that it simply contains way too many red flags to fool the average Internet literate user.
The scam does, however, pose a great risk to users who donât much about computers. In particular, many children/grandchildren who may have introduced their parents/grandparents to the wonders of Netflix would do well to warn their elders of this threat. In general, phishing and social engineering scams like this one are most effective against the least informed.
If you know someone who could be targeted by this new attack, weâd ask that you spread the word. Share this article, or better yet help them learn about Identity Theft in general. Our knowledge base articles Hacking Identity Theft I and II were written expressly for this purpose. Send them a link, or better yet print it out and hand it to them. Â
Another simple solution would be to install Emsisoft Anti-Malware on their computer. Our software features Surf Protection technology, which automatically prevents users from visiting phishing sites like Netflix.afta3.com
. We update our blacklist once every hour, to protect our users from the latest threats â meaning you donât have to call up Uncle Bob every time a new phishing scam emerges. And, hey, if you put it on your computer, you wonât have to worry about being scammed either.
Hereâs to a Great (Malware-Free) Week Ahead!
Related Posts:
- Emsisoft Explains the Syrian Electronic Army
- Current email traps Phishing examples and hints on how to…
- HELP! My PC is infected with Malware! What should I do?
- The SEPA Switch and Internet Fraud
- New Skype scam uses chat bots: Fake webcam girls want your…
Emsisoft Alert: Netflix Tech Support Scam
No comments:
Post a Comment