Would you have any idea if a stranger — or a hacker — was sharing your account? And would you even care?
You may not know, but you should care. The security firm Symantec recently warned consumers about a booming new international fraud industry made up of stolen video service accounts.
When Netflix expanded its service worldwide earlier this year, scammers jumped on the opportunity. With Netflix now available in 130 new countries, that means there are a whole lot more users who could be fooled by fake offers and discounted access.
Criminals are taking advantage of one of the features that Netflix users love so much about the service — account sharing. Depending on your account settings, up to four people can stream simultaneously from one account — in different locations and on different networks. And this is why most users, whose accounts have been hacked, have no idea that a stranger in another country is using their account.
In a blog post, Symantec’s Lionel Payet said, “These accounts either provide a month of viewing or give full access to the premium service.’
How they do it
Here’s how it works: by using fake websites and email scams, criminals are tricking users into entering their account information, including their username/email address, password and more. Once the information is entered, the scammers save it and then sell the account access on the black market — for as little as a quarter, which is a lot cheaper than a $10-a-month subscription.
“In most advertisements for these services, the seller asks the buyer not to change any information on the accounts, such as the password, as it may render them unusable… This is because a password change would alert the user who had their account stolen of the compromise.”
These criminals are using two primary methods to carry out their attacks — and not only steal your Netflix login, but also your banking information.
1. Phishing scams
These criminals are using phishing scams to trick users into entering more than just their login information — but also things like email address and payment details.
Users may get a fake email that looks like it’s from Netflix — claiming they need to update their payment info. The thieves are also using fake advertisements and offers that trick people into thinking they’re going to get a discount — but all that happens is they enter their information and the hackers sell it on the black market.
Read more: Top 10 scams and how to avoid them
2. Malware designed to steal your banking info
According to Symantec, scammers are also targeting Netflix users with malware campaigns.
When you click on one of these fake ads, offers or links in an email from the scammers, a malicious file posing at Netflix software will be downloaded to your computer. The file then scans your device and steals all of your banking information.
Here’s an image from Symantec that shows an advertisement for a ‘Netflix shop’ that sells stolen account information.
How to protect yourself
If stranger have access to your Netflix account, at the very least, they can get access to your personal information. To keep people you don’t know out of your account, make sure you change your password every few months — and monitor the account for strange activity.
Read more: Virus, spyware and malware protection guide
When it comes to protecting yourself against phishing and malware scams, here are some tips:
- If you receive an email claiming to be from any company that has your personal information, don’t click on any of the links. It could be a scam. Instead, log in to your account separately to check for any new notices. You can also call the company about the information sent via email.
- Responding to a text from a number you don’t recognize could also make any information stored in your phone vulnerable to hackers. Do some research to find out who and where the text came from.
- If you get a missed call on your cell phone from a number you don’t recognize, don’t call it back. Here’s what you need to know about this phone scam.