Jerome Segura, a senior security researcher, has discovered a new Netflix tech support scam where the hackers are after users’ login credentials. That’s just the first step, it evolves into a very elaborate scam from there on out, its been laid out in such a way that unsuspecting victims might even willingly give them remote access to their computers as well as show them photo ID, which could constitute a huge identity theft risk. Segura has documented the entire scam after playing along with the hackers, and has even created a video detailing the entire ordeal.

Basically the entire scam is a combination of a phishing scam with fake tech support call center. As the victim enters their Netflix credentials, they’re shown a notice telling them that they account has been suspended, and to resolve the matter they have to call a tech support center, which is fake but that isn’t obviously mentioned in the notice. Segura calls and is asked to download a software called “Netflix Support Software,” which is actually a remote access providing software TeamViewer. This allows the scammers access to the system.

The scammer then goes through a bundle of tricks in order to instill fear in the victim, even telling them that there have been multiple hacking attempts on their account. This obviously creates a sense of urgency to fix the problem, and unsuspecting victims might throw caution to the wind and fall prey. Segura planted several files on his system, including one titled “banking 2013″ which was remotely accessed.¬†After being promised a $50 credit from Netflix, he was told that a payment of $389.97 was necessary so that Microsoft support could fix the problem. The call is then transferred to a “technician,” who dives even further in the system and starts recovering any files that might seem important or private.

It really is a well thought out and elaborate scam, fortunately now its common knowledge thanks to Segura. Do watch the entire video just to know exactly how this plays out, and to keep an eye out if you ever find yourself in a similar situation.

Filed in Web . Tags: Netflix. Source: blog.malwarebytes.org
User Comments