News

Netflix ‘Update your payment” phishing scam is bypassing email spam filters

Richard Marley
September 14, 2020
2 minutes read
151

Phishing scams are taking a new turn as more and more people are using streaming services during the COVID-19 pandemic.

The genuine-looking phishing emails are promoting Netflix subscribers to update their payment information for verification of the account, states Forbes. These emails come with Netflix logos and bypass most spam filters making them look authentic emails from the company.

Dear @netflix , the phishing folks are sending me at least 3 emails a day telling me my Netflix account needs updating. Thankfully I can see by clicking on the “from” tab, the account is a scam. I’m not sure you can stop these, but I suggest you let members know. pic.twitter.com/7skYB3T6IW

— kathymarasco🇨🇦 (@kathymarasco) September 10, 2020

The scam email comes with the title “Notice of Verification Failure” and reportedly tricks users into clicking the link of CAPTCHA page. This page also has Netflix logos and branding.

Clicking on the link takes the victims to a Netflix lookalike page where they are required to enter their Netflix login information including billing address and their credit card information. Once the victim enters the payment details, they are redirected back to Netflix. The phishing scam started a few weeks ago.

The scammers used legitimate website domains to send the phishing emails, the reason why most spam filters were thrown off. Also, the website at which the users are directed to belongs to a Texas-based oil and gas company.

In the light of a new phishing scam, Netflix alerted its users to beware of such emails. Also, it suggested the subscribers, to forward the received scam message to phishing@netflix.com before deleting the email.

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
ECB Releases Paper Revealing Financial Crime Risks in Cross-border Payments
ECB has released a paper that reveals the financial risks associated with cross-border payments, suggesting possible solutions via crypto, blockchain or internlinked payments.

In a report examining the present inefficiencies of cross-border payments, the European Central Bank (ECB) makes suggestions for potential solutions using blockchain, cryptocurrency, or connected national payment rails.

The paper, titled “Towards the holy grail of cross-border payments,” discusses the problem that the friction of anti-money laundering (AML) systems is one of the main barriers to tackling payment difficulties. The study asserts that one of the six routes it proposes may be on the verge of achieving the ideal result (the so-called “holy grail”), which is that payments should be prompt, affordable, widespread, and settled in a safe medium like central bank money.

However, ECB experts emphaize that in order for this to happen, it is crucial to make progress in addressing AML and CFT compliance inefficiencies in order to make the outcome attainable.

According to the ECB document, Bitcoin was one of the potential options that the G20 considered. The layer two alternatives for micropayments, the Lightning network, are also explored in the study in addition to the Bitcoin network. The authors see the existence of one large network and the lack of middlemen as relevant advantages in resolving Bitcoin custody issues for end users.

Despite its shortcomings, such as its high energy consumption and uneven application of AML/CFT compliance, Bitcoin is nevertheless seen as a reliable alternative. Not to add, according to the ECB study quoted, “its price volatility impairs its acceptability of means of payment – both for local and cross-border” transactions.

Although less innovative than Bitcoin, the ECB considers stablecoins to be a workable alternative. Due to its possible impact on financial stability, the potential for monopolies to be created, and the opportunity for market exploitation, stablecoins are viewed with scepticism as an all-encompassing answer to cross-border payments.

Given the variance of national CBDC pilots across Europe and the fact that the availability of digital currencies is far from complete at the EU level, the research views multi-CBDC solutions as one of the more theoretical options. Nevertheless, interlinking domestic payment systems and multi-CBDC were ranked as the two most promising directions to pursue.

The ECB also used the opportunity to assess current cross-border payment rails, such as Nexus, a plan for connecting instant payment systems across national borders, TIPS RIX-EUR, which links the Swedish and Euro area TIPS platforms, and P27, as well as the alliance between EBA Clearing and The Clearing House, which aims to link the Euro zone with the US.

Suggested Read: “Crypto Should Be Regulated, Not Prohibited”, Says ECB Vice President

Recent Posts

Blog
E-Learning Platform and Prevailing Crimes - How Shufti Pro Can Help
The global pandemic is prompting a phenomenal increase in online life. From doing groceries to job interviews and more, many daily activities moved from in-person to online and that included education. Started by religious institutions, the educational systems, as well as way of teaching, have transformed. Thanks to technological advancements, distance or e-learning are becoming a new norm. However, over recent years, the education industry has faced numerous challenges as a result of digitization. Cyberattacks including data breaches, identity theft, phishing and blackmailing are a few most occurring issues that the sector is struggling to deal with.

Fortunately, these risks can only be mitigated to a large extent, with robust identity verification systems, which are capable of identifying the true identities of students before getting them on board.

The Rise of E-Learning and Crime – A Brief Introduction

The online or distance learning sector has significantly grown over the past years, as modern IT infrastructures and instant internet connectivity is aiding the education industry to provide people with new opportunities to gain new skills. Since the coronavirus pandemic, online e-learning has become more common as millions of people across the globe have accepted the new learning model. The work from home and social distancing norms forced schools, universities and other education centres to provide remote services which surged the use of digital learning. Thus, according to Research and Market predictions, the e-education industry is all set to reach $350 billion by 2025, however, the number might be updated after assessing the growth of COVID-19 impacts on the sector.

There are hundreds of online learning portals or websites such as Uudemy, Lynda, Skillshare, and Coursera that are widespread over the digital world facilitating billions of people. Furthermore, top-notch universities are also democratising learning by making courses accessible through online portals. For example, Stanford and Harvard’s university gives access to students to get hands-on educational material as well as courses under different categories.

However, as new technologies have emerged with heaps of benefits and innovative opportunities, the risk of crimes has also increased. Students, as well as cybercriminals, are availing the exploiting education centres for their own personal gains. Cybercriminals’ activities such as identity theft, data breaches, malicious attacks, blackmailing, synthetic identities and document fraud are among the commonly occurring crimes pouring adverse impacts over this industry. Due to this, the e-learning sector is being challenged by cyber criminals and is finding it hard to provide secure services while retaining customers along with their reputation.
Popular Cybersecurity Risks Education Sector is Prone To

There are numerous reasons cybercriminals target e-learning platforms. However, out of them these two are perhaps the most significant, first online education service providers typically gather and store sensitive personally identifiable information of millions of students. This makes a jackpot-like situation for fraudsters, who are capable of getting their hands on the personal details of victims in just one malicious or data breach attempt. Second, the data placed in educational databases are highly valuable on the dark web. The information includes mailing addresses, social security numbers, ID numbers, driver’s licence numbers, and even medicare information. In fact, nearly 11% of all data breaches that occurred in 2017 involved exposure of faculty and student health records. According to the research, adult’s sensitive information sells for around $10 to $25 dollars on the dark web, while students’ data is worth nearly $300.

As a result of gathering both types of data and the massive number of records stored at their end, it’s no wonder that employees or students associated with the education sector are targeted. Through phishing attacks or hacking the databases, criminals can use the victims’ credentials to manipulate students as well as damage the institutions’ reputations.

Social engineering attacks such as malware and phishing scams are on rise in the education industry. According to the key findings, in 2019, nearly 41% of the data breaches were caused by these attacks. CBC news published that MacEwan University lost $11.8 million after an employee fell prey to a phishing attack.

Ransomware attacks are another type of technique that fraudsters use to get their hands on databases. This involves infecting data files and systems through malicious viruses. By opening, installing or clicking on a file, the bogus software infects the system resulting in losing admin control.

Spoof attacks are also becoming common in education centres. In this scheme, the cybercriminals pretend to be a legal entity to gain authorised access to online learning platforms and then infect the data directories with malware viruses. This fraudulent activity happens in multiple ways, but some of them include email and caller ID spoofing.

Password Hijacking is another most preferred means of gaining unauthorised access to educational centres’ databases. This usually occurs when the passwords are easy to guess like “1234” or “ABC”. A report states that nearly 73% of people have set the same passwords across many accounts, making it a lot easier for criminals to hijack accounts.

How Shufti Pro Can Help

Depending on the current inconsistent situation, where the education sector is trying hard to fight sophisticated crimes, there are numerous services available at Shufti Pro that can help this industry in a variety of ways. Ranging from consent verification, document validation, and facial biometric recognition to two-factor authentication that offers the highest level of confidence as those utilised by the banks or other financial service providers. Powered by thousands of AI algorithms, Shufti Pro’s state-of-the-art identity verification services can help the education industry to overcome the risk of cyberattacks, unauthorised access, and identity theft. Ensuring legit student onboarding with 98.67% accuracy.

In addition to this, online education platforms are also finding it hard to authenticate students as well as faculties identity documents before getting them onboard. AI-powered document verification services, capable of verifying 3000+ types of identity documents written in 150+ languages, can aid digital platforms in validating documents in less than a second along with determining the sign of tempering if present.

Want to know more about identity verification for the education centres?
Talk to us

Netflix ‘Update your payment” phishing scam is bypassing email spam filters

The Rise of E-Learning and Crime – A Brief Introduction

Popular Cybersecurity Risks Education Sector is Prone To

How Shufti Pro Can Help

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.