Netflix: warning of a new type of SMS scam to “pay the subscription” and steal bank details

After obtaining all the sensitive information on your card, the scammers redirect you to the official page of the streaming platform

Spain’s Office of Internet Security (OSI) has warned of a new ‘smishing’ campaign in which cybercriminals make fake Netflix payment gateways available to victims to steal their information.

‘Smishing’ is a technique derived from phishing. It consists of sending text (SMS) messages to victims while pretending to be a legitimate entity (such as a social network, bank, or public institution) in order to steal information or make financial charges.

The OSI has reported that it has detected a new campaign of fraudulent SMS messages in which attackers impersonate Netflix, claiming that recipients must enter their credentials because of alleged problems with the subscription payment.

The agency has given several examples of fraudulent messages in which a time limit is set to proceed with the transaction, either with a specific date or within 24 hours.

To do this, the fraudsters provide victims with a link to access the platform, which actually leads to a fake website with a design very similar to that of the streaming content platform. Once on this fake website, victims enter their account username and password to log in, and upon accessing, a message is displayed stating that the account has been temporarily suspended.

‘Your last debit failed, please update your payment methods to benefit from our services,’ the purported Netflix website tells them. Then a ‘Next’ button appears which, once clicked, displays a form to fill in with billing information.

The next steps include another form to enter the bank card number, expiration date and security code, a process that concludes with an alleged SMS authentication system. Once the phone number to which the message is sent has been entered, the link redirects to the real web page of the movie and series streaming platform.

Cybercriminals even redirect their victims to the official Netflix website after stealing their bank details.

How to detect a fake Netflix link, and what to do if I am a victim?

The OSI has reminded users that it is vitally important to check certain details of the SMS received to determine whether it is a scam. First of all, it recalled that a link beginning with ‘HTTPS’ does not guarantee that the connection is secure.

In addition, it pointed out that these cybercriminals are carrying out attacks using URLs containing words such as ‘netfspain’ or ‘neftxes.’ Messages like ‘confirm data,’ ‘payment rejected,’ or ‘update your information’ should also raise suspicion.

It has also warned that these SMS messages are usually preceded by the label ‘NETFLIX:’ to lend them more credibility, and that they create a sense of urgency in users to act within 24 hours.
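The indicators the OSI lists can be combined into a simple triage check for incoming SMS text, shown here as an added example that is not part of the OSI warning or the original article. It assumes netflix.com is the only host treated as official; the sample messages and the `.example` domain are constructed.

```python
import re
from urllib.parse import urlparse

# Indicators taken from the OSI warning quoted in the article.
LOOKALIKE_TOKENS = ("netfspain", "neftxes")
LURE_PHRASES = ("confirm data", "payment rejected", "update your information")
OFFICIAL_DOMAIN = "netflix.com"  # assumption: the only host treated as official

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
URGENCY_RE = re.compile(r"\b24\s*(?:h|hours?)\b", re.IGNORECASE)


def is_official(host):
    """True only for netflix.com or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)


def score_sms(text):
    """Return the list of campaign indicators found in one SMS body."""
    hits = []
    lowered = text.lower()
    if lowered.lstrip().startswith("netflix:"):
        hits.append("sender-prefix")
    hits += [f"phrase:{p}" for p in LURE_PHRASES if p in lowered]
    if URGENCY_RE.search(text):
        hits.append("urgency-24h")
    for url in URL_RE.findall(text):
        host = (urlparse(url.rstrip(".,;:!?)")).hostname or "").lower()
        hits += [f"lookalike:{t}" for t in LOOKALIKE_TOKENS if t in host]
        # The scheme is ignored on purpose: HTTPS says nothing about who runs the host.
        if not is_official(host):
            hits.append(f"non-official-host:{host}")
    return hits


# Constructed sample messages; the .example domain is a reserved placeholder.
SAMPLES = [
    "NETFLIX: Payment rejected. Update your information within 24 hours: "
    "https://netfspain.example/login",
    "See your plan at https://www.netflix.com/account",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        print(score_sms(sms) or "no indicators", "<-", sms)
```

The host comparison is the decisive check: a lookalike name served over HTTPS still fails it, while the wording and prefix checks only add supporting evidence.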

Finally, users who believe they have been victims of this fraud are advised to contact the service provider and the bank to block the bank card associated with the Netflix account and change the password to access their profile.