Computer criminals have started a massive phishing campaign against subscribers of Netflix in Australia. Email messages with the title “Netflix Membership On Hold” contain counterfeit login pages that steal the user’s credentials.
Netflix Australian users must be extremely cautious
The Australian Communications and Media Authority uncovered the criminal activity and warned Netflix users about the threat. Subscribers who encounter the email message must delete it immediately. The malicious contents are displayed in a way that impersonates the service to an almost identical way. There are only minor differences between the scam message and an actual Netflix notification email.
The malicious link in the email’s contents leads to a counterfeit sign-in page. Upon entering the username and password, the victims are redirected to an “account verification” site where credit card information is requested.
It is possible for the criminals to utilize the stolen login details to gain additional information about the victims. As many Netflix users use the same passwords for many of their services, such credentials can potentially be used for banks, emails, and other sensitive accounts.
Security experts note that similar emails are being sent to foreign users of Netflix as well. However, the mass campaign seems to be targeted against Australia at this time.