Netflix Accounts Are Selling for 25 Cents on the Black Market

Source: Getty Images
Source: Getty Images

Hackers want your Netflix account so they can sell it on the black market at cut-rates. 

Netflix accounts have long been available on the black market for low prices, but as the service has grown internationally, there's been a greater demand for cheap access to the streaming service. A recent blog post from cybersecurity company Symantec reveals that stolen Netflix accounts are selling for as little as 25 cents an account. 

The company says they've found hackers are focusing on two modes of attacks for siphoning credentials. One is malware: fake Netflix ads or promotions created to look like legitimate offers. Hackers push out ads through traditional channels, so they appear in places you expect to see authentic ads — like media sites. Unsuspecting users click on the ad thinking it's sponsored by Netflix and the malware attached to the ad initiates a download onto the user's computer. Clicking on the ad will sometimes also launch the real Netflix website as a decoy, writes Symantec threat intelligence officer Lionel Payet, thereby reinforcing the idea that the ad is official. 

However, when users begin entering their credentials into Netflix, the malware logs that information and passes it back to the hacker who can then sell it on the black market. 

An example of a Danish phishing campaign
Source: 
Symantec

It's not just false ads that users need to be on the lookout for. Attackers also use a scam called phishing to snag accounts. Instead of advertising, attackers may send out an email directing recipients to a fake Netflix page instructing them to input their username, password and credit card information.

Accounts are then put up for sale around the web. Symantec says one seller had a stock of 300,000 accounts. Because Netflix allows up to four computers to access a single account, fraudulent account users often go undetected.   

The moral of this story for those with a Netflix account: Always make sure you're accessing Netflix's official site and when you get emails from "Netflix" make sure the email address is real. Pro tip: netflix@gmail.com is not coming from Netflix HQ.   

h/t Digital Trends

Correction: Feb. 16, 2016
A previous version of this article misidentified the language of the Netflix phishing campaign featured in the in-text image. The campaign is written in Danish, not Dutch. 

How likely are you to make Mic your go-to news source?

Ruth Reader

Ruth is a senior staff writer covering innovative technology and the people behind it. Send through pitches and tips to ruth@mic.com.

MORE FROM

Watchdog groups sue Trump for deleting tweets, allegedly violating Presidential Records Act

Trump's deleted tweets may come back to haunt him.

Grizzly bear protections in Yellowstone National park are ending

A final ruling by US government officials will strike the Yellowstone grizzly bear from the list of threatened species after its population increased to 700.

Another day, another off-camera White House press briefing

The move to scale back on-camera press briefings comes amid Trump's increasing unwillingness to interact with the press.

Minneapolis might get a $15 minimum wage, but restaurant workers aren't celebrating

Discord has been brewing in Minneapolis over whether tipped work will be counted toward a $15 minimum wage.

These abysmal new poll numbers for House health care bill don't bode well for Senate version

Only 34% of Republicans approve of the new proposed law.

'Pizzagate' shooter gets 4-year prison sentence, lawyers urged judge to deter vigilantism

Welch stormed a Washington, D.C., pizza place and shot off a firearm because of the internet.

Watchdog groups sue Trump for deleting tweets, allegedly violating Presidential Records Act

Trump's deleted tweets may come back to haunt him.

Grizzly bear protections in Yellowstone National park are ending

A final ruling by US government officials will strike the Yellowstone grizzly bear from the list of threatened species after its population increased to 700.

Another day, another off-camera White House press briefing

The move to scale back on-camera press briefings comes amid Trump's increasing unwillingness to interact with the press.

Minneapolis might get a $15 minimum wage, but restaurant workers aren't celebrating

Discord has been brewing in Minneapolis over whether tipped work will be counted toward a $15 minimum wage.

These abysmal new poll numbers for House health care bill don't bode well for Senate version

Only 34% of Republicans approve of the new proposed law.

'Pizzagate' shooter gets 4-year prison sentence, lawyers urged judge to deter vigilantism

Welch stormed a Washington, D.C., pizza place and shot off a firearm because of the internet.