Netflix payment declined?! Redirected through mailingboss.net to a phishing website that imitates Netflix's official site, stealing streaming platform accounts and credit cards

防詐達人
Recently, a large number of Netflix phishing emails have appeared, and the tricks keep changing: from "payment declined" and "your membership has expired" to "repeated charge notification", they use all kinds of ways to induce you to click on the URL in the email. We found that this wave even used the mboss.mailingboss.net domain to forward to the Netflix phishing site multiple times, trying to steal people's login passwords and credit card information.

Recently, the epidemic has heated up again. While quarantined at home, many people turn to Netflix, Disney+, LineTV, CATCHPLAY+ and other streaming platforms to binge shows. Fraud groups have seized on this wave of traffic and sent out a large number of fake official Netflix emails and phishing websites to trick people out of their login passwords and credit cards.

Netflix Phishing Process via Mailingboss

1. Fake official Netflix email

Recently, many people have received a notification email that looks like it comes from Netflix. The sender name, however, is Netflix's Chinese name "Netflix", and the sender's address is not netflix.com but mailer[.]mailingboss[.]net.

The letter reads:

Payment declined
Welcome, we tried unsuccessfully to authorize the card you have on file.
Therefore, we will automatically attempt to charge your card again within 24-48 hours.
Update the expiration date and your СVV (Card Verification Value) as soon as possible so that you can continue to use it in your account.

2. Another notification letter

What's even weirder is that clicking "update now" in the email doesn't actually take you to an update screen, but to another website (mboss[.]mailling[.]net) that shows what looks like another notification letter.

Your Suspension Notice
Hi Client:
We cannot verify your billing information for the next billing cycle of your subscription, so if we do not hear from you within 24 hours, we will suspend your membership.
Obviously we'd love to have you back, just click the link below to update your details and continue enjoying all the best TV shows and movies without interruption.

This notification is full of strange grammar. The title is a direct translation of the English "Your suspension notification", and it is written as "Your suspension notification".

In addition to the typo where "reply" is written as "reply", there are more oddities, such as "link" and "click" written in Chinese terms.

Do you have any more doubts? You are welcome to leave a message to share with everyone~

3. Fake Netflix phishing site

After that, clicking "Restart Membership" on the mboss[.]mailingboss[.]net website actually leads to a phishing website (studentstoragemanchester[.]com) that is very similar to the official Netflix website.

All buttons on this site are unresponsive except for the "Login" button! Including "need help", "log in with Facebook" and "register now" are all

Obviously, the only thing that matters to them is that you enter your account and password. Once you enter and submit them, the other party can try to use this account and password to log in to your Netflix, or even to other platforms such as Facebook, IG, Disney+, etc.

Next, the phishing site tries to obtain your payment information, asking you to enter the card name, card number, expiry date, CCV, and even your date of birth and address.

Once this is given out, not only will your Netflix account be stolen, but your credit card or debit card will also be stolen, and you can lose tens of thousands of yuan at a time.

This page once again uses the Chinese term "debit card", which is called a debit card in Taiwan. Be careful: typos or non-Taiwanese words on a page are a very obvious sign of a phishing website.

How to Identify Phishing

This type of scam is not limited to this case. You may encounter a website with the same purpose (attempting to steal login passwords and payment information) where the letter and the website look different, or where the website imitates not Netflix but another streaming platform such as Disney+, KKbox, Spotify, etc.

Another recent type of Netflix phishing: a super similar Netflix phishing site!

So the most important thing is to learn to identify phishing websites yourself through the following characteristics.

1. Log in directly to Netflix

If your Netflix account is disabled, you will be asked to re-enable your membership when you log in to Netflix. So if you get this letter, go to https://www.netflix.com/ yourself: if you can log in and watch videos normally, the letter is fake.

Remember! Be sure to search for Netflix yourself, and don't go to Netflix through the link in the letter. Even though the page they made looks very similar, it is not necessarily real.

2. Sender's email address

The sender's name is likely to read "NETFLIX" or "Netflix".

But look carefully at the email address: as long as it's not from @xxx.netflix.com, don't easily believe that it is really from Netflix. The name can be chosen arbitrarily, but the email address can't be faked, so don't trust the name and take a closer look at the email address.

3. Strange Chinese grammar

This letter contains many instances of strange Chinese grammar and wording. For example, where we would usually say "website" or "link", they use the Chinese term "link", and "debit card" is written as "debit card".

And the bizarre "Your Suspension Notice"

4. Check Links with Fraud Experts

Whether you're on a screen that looks like Netflix, Disney+ or another streaming platform, be sure to double-check the URL before you enter sensitive information or log in, to see whether it is the official website you normally use.

If you can't tell from the URL whether it is the official website, you can pass it to the anti-fraud expert, and we will check it for you! You only need to submit the suspicious link, and in two seconds you will know whether the website is safe or not.
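The sender-address check (point 2) and the link check (point 4) can also be run mechanically on a saved email. The following is an added example, not part of the original article: the sample message is constructed (the local part, recipient and URL paths are made up; only the domains come from the article), and `is_official`, `LinkHosts` and `triage` are hypothetical helper names.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

OFFICIAL = "netflix.com"  # official domain named in the article

# Constructed sample modelled on the email described above (not a captured message).
SAMPLE = """\
From: Netflix <billing@mailer.mailingboss.net>
To: user@example.com
Subject: Payment declined
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Payment declined</p>
<a href="https://mboss.mailingboss.net/update">update now</a>
<a href="https://www.netflix.com/">Netflix</a>
"""

def is_official(host):
    """True only for netflix.com itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL or host.endswith("." + OFFICIAL)

class LinkHosts(HTMLParser):
    """Collects the hostname of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        host = urlsplit(href).hostname if href else None
        if host:
            self.hosts.append(host.lower())

def triage(raw):
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    sender_host = addr.rpartition("@")[2].lower()
    body = msg.get_body(preferencelist=("html", "plain"))
    links = LinkHosts()
    links.feed(body.get_content() if body else "")
    return {
        "sender_host": sender_host,
        # Display name claims the brand (Latin spelling only) but the address is elsewhere.
        "name_mismatch": "netflix" in name.lower() and not is_official(sender_host),
        "off_domain_links": sorted({h for h in links.hosts if not is_official(h)}),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The suffix comparison in `is_official` requires a leading dot, so lookalike hosts that merely contain or end in the string "netflix.com" are not treated as official.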


CC BY-NC-ND 2.0
