Netflix has issued a warning to its customers in Ireland after a number of users reported receiving an email from the company regarding their accounts.
The cybercriminals behind phishing attacks are always looking for new targets and it appears that Netflix users are their latest mark. A number of customers received an email that they thought was from the company, which read:
"Dear customer, during the regular maintenance and verification processes, we have detected an error in your account. If your account information is not updated within 24 hours, your ability to access your account will be restricted."
- One trillion phishing emails sent every year
- Cofense: Why it’s time for everyone to defend against phishing
- Half of malicious emails tied to credential phishing
However, Netflix and other companies rarely ask users to provide personal information by email.
If a company asks you to provide personal information by email, this is usually a clear sign that the email was not sent through official channels but by cybercriminals attempting to gain access to your account.
Senior Director of Solutions Marketing at Cofense, David Mount provided further insight on the phishing scam that targeted Irish Netflix users, saying:
“The news that customers of Netflix Ireland are being targeted by an email phishing scam is concerning, but not surprising. In fact, our recent research found the scale of the phishing threat is still high - with 90% of malicious emails having been found in business environments running one or more enterprise-grade secure email gateways. If businesses are still being successfully phished to this extent, consumers are clearly at risk from such attackers.
“With over 250,000 customers in Ireland, attackers have cast the net far and wide on this occasion, and there no doubt will be recipients that click on the email and may even fall for the scam. Awareness is the key to avoiding such dangers.
“While this phish purely seems aimed at consumers, it’s important to note that attacks of this kind are also commonly used to target enterprise individuals, particularly when corporate email addresses are also used for personal purposes. Both businesses and consumers need to remain vigilant.
“Whether in a business or personal context, it is critical we educate users about these convincing tactics and train them to spot, and report where relevant, suspicious emails – safeguarding them from data breaches and financial losses. For example, users should be suspicious of emails containing links in which the URL does not go to the official company site when hovered over, as well as shortened URLs including bitly or goo.gl links, all of which are potential evidence of a phishing attack."
- Keep your devices protected online with the best antivirus
Via The Irish Sun