Uncovered by PhishMe, this phishing attack starts with a Netflix branded email asking users to update their account details and has a link to direct them to a spoofed landing page asking for their email address and password. Once that has been entered the page then directs them to another page asking for them to update their credit card details, all while looking like a genuine Netflix page.
These scammers are specifically targeting busy corporates and consumers. The scammer succeeds most of the time targeting corporate email accounts, as large number of people generally tend to use their corporate email accounts for consumer activities. Furthermore, the scammer hopes that you reuse the same password for your personal email account or, if the scammer is very lucky, for your work email account.
Password re-use is a very simple mistake many people make, and by giving up one account detail, the user has fallen into the trap. As instructed by many Cyber Security Experts around the globe time and again, to have a separate password for each type of account access and use a secure password vault to store those passwords to retrieve when required, but unfortunately this practice is rarely followed by large number of people.
-Adv. Rajas Pingle, Cyber Law Expert, Netlawgic Legal Services LLP.
- info@netlawgic.com
- www.netlawgic.com
- http://rajaspingle.blogspot.in/
