Skip to main content

Netflix targeted by cyber-criminals in Denmark and Brazil

Don’t let your Netflix and chill turn into Netflix and a ruined afternoon.

There's a malicious campaign going on, targeting Netflix users, Norton by Symantec has reported recently. Explaining the campaign in a blog post, Symantec says hackers are targeting Brazilian and Danish users, trying to steal their credentials.

Once the credentials have been stolen, they most likely get sold in the Netflix black market (yes, there's a black market for that), where people come to try and get their hands on a cheaper deal for their Netflix.

The security firm discovered two ways hackers are trying to steal information – one is through the classic email phishing, while the other requires the deployment of malware.

The phishing was crafted especially for Danish users – it tried to trick users into thinking their account needs to be updated and that there are problems with payment. "The emails were sent from netflix@fakt[REDACTED].com with the subject “Opdater Betalingsinformation”. The site that the email linked to is no longer active,” Symantec reports.

The other method requires malware. Symantec suspects there are fake ads out there, promising cheaper Netflix through specially crafted software. After being tricked into downloading and running the software, the program opens the Netflix home page as a decoy and secretly downloads Infostealer.Banload.

Banload steals banking information from the affected computer, and is being used mainly in Brazil.

Symantec advises all users to download Netflix software only from official sources, and not to trust anyone promising cheaper or free Netflix services, as those ‘may contain’ malicious files or steal data.