Criminals Targeted Netflix Users’ Payment Data in Recent Phishing Scam

Netflix is one of the most popular online video streaming services in the world. This also attracts the attention of cyber criminals who are looking to exploit Netflix user’s information. A new phishing campaign targets user information and payment card data. Thankfully, this campaign has been brought to a halt already, however it remains unclear how many people were affected.

Netflix Targeted In Recent Phishing Campaign

As one expects from a phishing campaign, the criminals operating that scheme attempted to lure unsuspecting users into giving up sensitive information. In this case, that involved setting up a fake Netflix logins screen, allowing the criminals to capture user login information. With these credentials, the crooks also gained access to payment card data.

The phishing page in question looked legitimate, as it is a perfect copy of the original. Users were asked to enter their email address and associated password. Once this form was completed, the users were asked to confirm their billing information, as well as enter their birthdate and address.

One thing that gave the scam away was how the people behind this Netflix phishing scam asked users to enter their social security number. Netflix has never done so, nor are they included to collect that type of information. Moreover, the billing page also required users to enter their card’s 3D Secure Code.  Interestingly enough, this level of verification has not been deployed in the US yet, even though it is rather common in the US and India.




All of the information filled in through the web forms in question is sent to an anonymous email address by making use of a PHP email utility. It is expected these criminals will attempt to target other popular online services in the future. For now, it remains unclear how long this phishing campaign was active for, or how many users may have unknowingly entered the sensitive information.

This is neither the first time Netflix customers are dealing with a phishing campaign, nor will it be the last. In most cases, the login credentials are sold on the deep web, or are offered to users in exchange for Bitcoin. It is not difficult to find hacked Netflix accounts on the internet, most of which are obtained through phishing campaigns like this one.

It has to be said, the criminals behind this phishing scam took the necessary precautions to avoid detection. If a visitor from anti-phishing services, or even Netflix themselves, would visit the page, they would see a 404 error message. Quite a crafty trick, but in the end, the phishing campaign was shut down regardless.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.