Connect with us

Hi, what are you looking for?


Cyber criminals take advantage of Netflix’s global expansion, says Symantec

Netflix’s popularity has sharply grown since its creation in 1997. The company recently launched its streaming service globally. It is now available in more than 190 regions around the world.

This success, however, has attracted the attention of attackers, according to Symantec. The company says it has observed malware and phishing campaigns targeting Netflix users’ information. The details are then added to a growing black market that claims to provide cheaper access to the service.

Malware disguised as Netflix

One malware campaign involves malicious files posing as Netflix software on compromised computers’ desktops. The files are downloaders that, once executed, open the Netflix home page as a decoy and secretly download Infostealer.Banload. Banload steals banking information from the affected computer. The Trojan has primarily been used in Brazil.

The Netflix-disguised files aren’t dropped through drive-by downloads. Instead, the files are most likely downloaded by users who may have been tricked by fake advertisements or offers of free or cheaper access to Netflix.

Phishing Netflix credentials

Advertisement. Scroll to continue reading.

Aside from delivering malware, attackers may target Netflix users by attempting to steal their login credentials through phishing campaigns. Netflix subscriptions allow between one and four users on the same account. This means that an attacker could piggyback on a user’s subscription without their knowledge.

In these phishing campaigns, attackers redirect users to a fake Netflix website to trick users into providing their login credentials, personal information, and payment cards details. These tactics are not uncommon; cybercriminals are still using them on a daily basis.

Symantec observed one Netflix phishing campaign on January 21 which was crafted for Danish users. The phishing email tried to trick users into believing that their Netflix account needed to be updated, as there was an issue with their monthly payment. The emails were sent from with the subject “Opdater Betalingsinformation”. The site that the email linked to is no longer active.

Netflix black market

Both malware and phishing campaigns help attackers gather the credentials needed to break into victims’ Netflix accounts. But the attackers may not just keep this access for themselves. There is an underground economy targeting users who wish to access Netflix for free or a reduced price. The products could even allow customers to open their own illegal store.

Advertisement for the sale of Netflix accounts

The most common offers are for existing Netflix accounts. These accounts either provide a month of viewing or give full access to the premium service. In most advertisements for these services, the seller asks the buyer not to change any information on the accounts, such as the password, as it may render them unusable. This is because a password change would alert the user who had their account stolen of the compromise.

Another offering includes Netflix account generators. The accounts created through these tools may come from stolen Netflix subscriptions or payment card details. The generators’ creators regularly update their databases with new accounts and disable ones that don’t work anymore. Buyers can use this software for themselves or resell the generated accounts on the black market.


Advertisement. Scroll to continue reading.

Symantec advises users to only download the Netflix application from official sources. Additionally, users should not take advantage of services that appear to offer Netflix for free or a reduced price, as they may contain malicious files or steal data.


Like Us On Facebook

You May Also Like


23% of employees have previously had a dispute with IT staff about the importance or frequency of updating their work devices. Surprisingly, IT teams...


Over 54% of APAC consumers surveyed would rather place and pay for an order digitally than go to a physical location or call to...


Edge computing has continuously gained trust from the IT community, as well as recognition from those outside the IT circles. Now, the focus is...


While some of the risks – such as data leaks and ransomware attacks on organizations – are largely beyond a user’s control, other threats,...


Kaspersky, in its research, found out that at least 61 organizations from the APAC region had fallen prey to Ransomware 2.0 in 2020. This...


To make sure your Internet security is impenetrable, Eastern Communications shares four ways to keep your family safe online.

Biz Solutions

PhishFlip, which is included as a feature of KnowBe4’s PhishER product, responds in real time to turn dangerous attacks into an immediate, real-world training...


Malicious ransomware families are now conducting data exfiltration coupled with blackmailing. Using pressure tactics, these cybercriminals threaten to publish the data they hold, further...