The holidays are a time when we can be out of our regular routines, on the go and checking email from our phone or tablet, and in between all our other commitments. That’s precisely what the scammers behind this latest email threat are hoping for. The email claims that your Netflix subscription has been closed, and prompts victims to click through to sign into their account and add updated credit card information.
Here are some examples of the various sending addresses:
- 01060193dc81701c-aaea7aec-fff8-428b-a388-00ac48070d39-000000@ap-northeast-1.amazonses.com
- 01060193dc6cecd3-a39a306e-78b0-4ed0-8c9a-d7a0ec45f4cd-000000@ap-northeast-1.amazonses.com
- 01060193dca91bb8-61725447-917c-4e3c-a2d4-c7832298e0c2-000000@ap-northeast-1.amazonses.com
- 01060193dca578ed-fdf90257-48c9-444c-af11-e1a86080a09d-000000@ap-northeast-1.amazonses.com
The emails looks like this:
After clicking through on the red button, users are presented with a phishing page that masquerades as a Netflix Login page, asking for your email address or phone number, and your account password.
Once your account credentials have been captured, the scammers continue with a three-step process to capture your credit card information. Step 1 of 3 simply asks that you click the red ‘Next’ button to continue.
Next, your credit card information is required including the card number, expiration date and CVV.
And finally, users are asked to submit an SMS verification code. In fact, the code that you hand over is to confirm a fraudulent transaction that the scammers are processing in the background.
With nearly 283 million global subscribers, Netflix is a streaming behemoth that most of us can’t stand to be without, especially in the holidays.
Here are some previous scams impersonating the streaming giant:
- November 2017
- January 2018
- November 2019
- December 2019
- January 2020
- February 2020
- March 2020
- April 2021
- August 2021
- November 2021
- October 2022
MailGuard advises all recipients of the emails to delete them immediately without clicking on any links. Responding or providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
- Many businesses turn to MailGuard after an incident or a near miss, often as a result of an email similar to the one shown above. If unwanted emails are a problem for your business, don’t wait until it’s too late.
Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.
One email is all that it takes
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's specialist, 'zero zero-day' email security. Special Ops for when speed matters! Our real-time 'zero zero-day', email threat detection amplifies our client’s intelligence, knowledge, security and defence. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.