Netflix, Microsoft spoofed in email scams

CERT-LatestNews ThreatsStrategic

Screen shot 2017 11 03 at 11.24.28

New phishing campaigns spoofing websites from Netflix and Microsoft have arisen over the past few days, MailGuard has warned.

One campaign includes a fake email purporting to be from Netflix and claiming that customers need to resubmit their billing information to continue using the streaming service.

The spoof campaign is relatively well designed, using a template system to generate individualised messages. But at the time of disclosure, the system had been misconfigured, leaving #name# in the message rather than the target’s actual name.

The email links to a compromised WordPress blog designed to mimic the Netflix site, with fields for a target to enter their full name, date of birth, billing address, credit card details, driver’s licence number and security questions. Once entering this information, the victim is shown a fake ‘success’ screen.

The second phishing scam impersonates Microsoft’s Office 365 cloud service. The attack consists of a message telling the recipient that their email account is over quota and that they need to upgrade their plan.

It links to a fake but convincing looking website seeking to trick victims into entering their Office 365 login details.

MailGuard said cybercriminals often use trusted online brands to prey on unsuspecting internet users to lull them into a false sense of security.

Last month criminals hijacked Telstra branding in a large Javascript-based phishing campaign seeking to convince victims into installing a malware that can allow attackers to steal data from and even remotely control computers.

Phishing meanwhile continues to be the greatest cybersecurity threat, MailGuard said.

The company is urging email users to always hover over a link before clicking to see if a URL is legitimate, and for companies to implement email filtering as part of a layered defence strategy against cyber threats.

Fake Netflix sign-in page image courtesy MailGuard.

Follow us and share on Twitter and Facebook

Please enable JavaScript to view the comments powered by Disqus.