New phishing campaign targeting Netflix users to steal their bank account details

A recent cybersecurity report is referring to the detection of a sensitive data stealing campaign affecting United Kingdom citizens. The local media mentioned that operators of this phishing scheme are using the Netflix name and branding to access non-prevented users’ banking accounts.

It all starts with an email supposedly sent by the streaming platform in which malicious actors mention the user must comply with a payment within the next 48 hours to prevent their account of being blocked or deleted. Even though this is not a legitimate Netflix policy, a lot of users could get panicked and rush to make the money transfer to the bank account included in the phishing email.

In this regard, Netflix has issued a statement urging its users to ignore such messages: “We have never asked our users to enter your personal and financial information in text messages or emails and we never will. This includes payment card numbers, bank account data and passwords”. The streaming platform added that they never redirect users to third party platforms.

On the other hand, information security specialist also mentioned that hacking groups are not able to get access to users’ bank accounts, unless their victims cooperate, so the best way to prevent such an attack is avoiding any interaction with these emails or text messages.

This is not the only recently detected Netflix scam campaign. During last week, hundreds of Denver residents were targeted by a fake offer of a full year of free Netflix. In the message, users were told that, as a method to invite people to stay at home, Netflix was giving away hundreds of free accounts for a year; once the victims clicked on the attached link, they were redirected to a phishing payment page where the hackers tried to get their banking details.