The attack begins just like many do, with the receipt of an email explaining that your monthly Netflix payment failed. The email “helpfully” provides a link to what appears to be Netflix, complete with information boxes that allow you to re-enter your payment information.
The hackers took pains to make sure that their bogus email address bore a strong resemblance to the actual Netflix customer support email address. They also made sure the screen provided for you to enter your credit card information is a convincing replica of the real thing.
If you’re paying close attention, you’ll notice that the domain is markedly different, and that’s how you know you’re being taken in. Unfortunately, when many people are concerned that there’s a legitimate problem with their account, they won’t pay sufficient attention. That’s precisely what the hackers are counting on.
In any event, the new campaign has been wildly successful thus far, and even when their current domains are shut down, you can bet that the hackers will simply set up new ones and keep their malicious game going. There’s easy money in it, and they’re unlikely to stop as long as they’re finding success.
The only real way to counter this kind of thing is to be very careful and watchful. Pay attention to the URLs you’re being directed and re-directed to. Better yet, if you get an email like this, instead of clicking links embedded in the email, simply open a new browser window and type in the URL yourself. If you’re having a problem with your account, that fact will become readily apparent as soon as you log in.