With people spending a lot more time at home sheltering we are finding entertainment online. Google searches for Netflix jumped 142% since the advice to stay home became serious. The criminals as usual take note of trends in the wider world that can work to their advantage, and Netflix-themed phishing campaigns are in progress against those who are keeping their social distance at home.
The most prominent campaigns use fake sites that appear to be Netflix sign-up pages, but that in fact were established simply to steal from those who think they’re registering for the service. 639 fraudulent domains that use the word “Netflix” have been registered and 236 of those were established during March alone. 41% of these bogus domains have a mail server which indicates that they are probably sending phishing emails to prospective victims.
One of the scams was recently carried out with WhatsApp messages that assumed a public-spirited tone, offering to help people weather the pandemic with free passes to entertainment offered by Netflix. “Due to the COVID-19 pandemic, we are giving away totally free access to our platform for the period of isolation, until the virus is contained.” All you had to do to claim your “free pass” was fill out an online questionnaire–naturally it asked for personal information–and then forward the offer to ten friends. It’s all, of course, an imposture. There is no free pass.
10% of all brand-impersonation phishing attacks spoofed in the first quarter of 2020 was Apple, Netflix second with 9%, followed by Yahoo and PayPal, both at 6%. These were followed by PayPal, Chase Bank, Facebook, Microsoft, eBay, and Amazon.
Mobile phishing surpassed email phishing to take the number two spot in Q1 2020, making up 23% of all phishing attacks. Researchers believe this is due to the COVID-19 pandemic, since people are spending more time at home on their phones. Criminals are aware of this, and they’ve adjusted their attacks accordingly.
Cybercriminals exploit users by adopting highly sophisticated phishing attempts via emails, web and mobile applications purporting to be from well-recognised brands, whether that’s a high profile product launches or just behavioural changes we’ve seen during the Coronavirus pandemic criminals continue to exploit the fears and needs of people using essential services from their homes.
To discuss successful partnerships and how engaging Consulting IT to maintain your IT infrastructure will reduce your Staff downtime/ Expenditure/ Stress/ Exposure and Risk all the while increasing your Awareness/ Business Continuity Plans/ Backup and Disaster Recovery Systems/ Auditing and Compliance procedures.
Corey Hill (firstname.lastname@example.org) / National Sales and Marketing Manager
#emailsecurity #informationsecuritymanagement #informationsecurityawareness #consultingit #scams #cybersecurity #phishing #malware #cyberattack #antivirusandmalwares #informationsecurity #informationtechnology #phishingattacks #socialengineering #scamalert #cybercriminals