Netflix and Microsoft 365 app latest hit by scams
- 08 January, 2020 10:53
As the new year gets underway, Netflix has become the latest target of cyber criminals as a new scam hits inboxes.
Within the first days of 2020, Netflix users started receiving emails from a compromised email account with the subject line ‘Your Netflix Membership is on hold’, MailGuard has revealed.
The email comes with a verification link that takes users to a fake Netflix ‘Sign In’ page where scammers harvest the credentials of subscribers. It also comes with a warning that a failure to complete the process will result in their membership being suspended.
In addition, the scam takes unsuspecting users to a ‘Your Billing Information’ which asks for the users' social security number and their date of birth. This page also carries ‘Secure Server’ icons in an attempt to assure respondents that the page is legitimate.
“MailGuard urges all recipients of this email to delete it immediately without clicking on any links,” the cyber security provider wrote in a blog post.
“If you see an email from Netflix, please exercise caution and make sure it is a legitimate communication before you open it. Please share this alert with your social media network to help us make the people aware of the threat.”
Meanwhile, cyber hackers have also turned to a malicious Microsoft 365 app in order to harvest users’ credentials.
According to PhishLabs, the attacker sends a traditional phishing message impersonating an internal SharePoint and OneDrive file-share that attempts to coerce the victim into clicking an embedded link.
Unearthed last month, the scam uses the credibility of a commonly seen business process, and contains a link that directs users to Microsoft’s legitimate login page that asks users to log-in.
However, approving access to this app effectively grants full control of your Office 365 account to the attacker, including the inbox, contact and OneDrive files.
According to PhishLabs, the scam can be avoided by checking the sender account against the mailserver at 18.104.22.168.
The security provider also recommended businesses restrict the ability of Office 365 users to install Apps that are not downloaded from the official Office Store or whitelisted by an administrator.
It also suggested incorporating the content into security awareness training, that examines all aspects of an email for red flags, not just URLs and sender’s address.