Hackers want your Netflix account so they can sell it on the black market at cut rates.
Netflix accounts have long been available on the black market for low prices, but as the service has grown internationally, there's been a greater demand for cheap access to the streaming service. A recent blog post from cybersecurity company Symantec reveals that stolen Netflix accounts are selling for as little as 25 cents an account.
The company says it has found hackers focusing on two modes of attack for siphoning credentials. One is malware: fake Netflix ads or promotions created to look like legitimate offers. Hackers push out ads through traditional channels, so they appear in places you expect to see authentic ads — like media sites. Unsuspecting users click on the ad thinking it's sponsored by Netflix, and the malware attached to the ad initiates a download onto the user's computer. Clicking on the ad will sometimes also launch the real Netflix website as a decoy, writes Symantec threat intelligence officer Lionel Payet, thereby reinforcing the idea that the ad is official.
However, when users begin entering their credentials into Netflix, the malware logs that information and passes it back to the hacker, who can then sell it on the black market.
It's not just false ads that users need to be on the lookout for. Attackers also use a scam called phishing to snag accounts. Instead of advertising, attackers may send out an email directing recipients to a fake Netflix page instructing them to input their username, password and credit card information.
Accounts are then put up for sale around the web. Symantec says one seller had a stock of 300,000 accounts. Because Netflix allows up to four computers to access a single account, fraudulent account users often go undetected.
The moral of this story for those with a Netflix account: Always make sure you're accessing Netflix's official site, and when you get emails from "Netflix," make sure the email address is real. Pro tip: firstname.lastname@example.org is not coming from Netflix HQ.
h/t Digital Trends
Correction: Feb. 16, 2016
A previous version of this article misidentified the language of the Netflix phishing campaign featured in the in-text image. The campaign is written in Danish, not Dutch.