One campaign includes a fake email purporting to be from Netflix and claiming that customers need to resubmit their billing information to continue using the streaming service.
The spoof campaign is relatively well designed, using a template system to generate individualised messages. But at the time of disclosure, the system had been misconfigured, leaving #name# in the message rather than the target’s actual name.
The email links to a compromised WordPress blog designed to mimic the Netflix site, with fields for a target to enter their full name, date of birth, billing address, credit card details, driver’s licence number and security questions. Once entering this information, the victim is shown a fake ‘success’ screen.
The second phishing scam impersonates Microsoft’s Office 365 cloud service. The attack consists of a message telling the recipient that their email account is over quota and that they need to upgrade their plan.
It links to a fake but convincing looking website seeking to trick victims into entering their Office 365 login details.
MailGuard said cybercriminals often use trusted online brands to prey on unsuspecting internet users to lull them into a false sense of security.
Phishing meanwhile continues to be the greatest cybersecurity threat, MailGuard said.
The company is urging email users to always hover over a link before clicking to see if a URL is legitimate, and for companies to implement email filtering as part of a layered defence strategy against cyber threats.
Fake Netflix sign-in page image courtesy MailGuard.