Netflix payment declined?! Redirected through mailingboss.net to a phishing website that imitates Netflix's official site, stealing streaming platform accounts and credit cards
Recently the epidemic has flared up again. While many people are quarantined at home, they turn to Netflix, Disney+, LineTV, CATCHPLAY+ and other streaming platforms to binge dramas. Fraud groups have seized on this wave of traffic and sent out large numbers of fake official Netflix emails and phishing websites to trick people out of their login passwords and credit card details.
Netflix Phishing Process via Mailingboss
1. Fake official Netflix email
Recently, many people have received a notification letter that looks like it comes from Netflix, but the sender is shown under Netflix's Chinese name, and the sender's address is not netflix.com but mailer[.]mailingboss[.]net.
The letter reads:
Payment declined
Welcome, we tried unsuccessfully to authorize the card you have on file.
Therefore, we will automatically attempt to charge your card again within 24-48 hours.
Update the expiration date and your СVV (Card Verification Value) as soon as possible so that you can continue to use it in your account.
2. Another notification letter
What's even weirder is that clicking "update now" in the email doesn't actually take you to an update screen, but to another website (mboss[.]mailling[.]net) that looks like yet another notification letter:
Your Suspension Notice
Hi Client:
We cannot verify your billing information for the next billing cycle of your subscription, so if we do not hear from you within 24 hours, we will suspend your membership.
Obviously we'd love to have you back, just click the link below to update your details and continue enjoying all the best TV shows and movies without interruption.
This notification is full of strange grammar. The title is a direct translation of the English "Your suspension notification", and it is written as "Your suspension notification".
Besides the typo in the word "reply", there are also Chinese terms such as "link" and "click".
Do you have any other doubts? You are welcome to leave a message and share them with everyone~
3. Fake Netflix phishing site
After that, I clicked "Restart Membership" on the mboss[.]mailingboss[.]net website and actually landed on a phishing website (studentstoragemanchester[.]com) that is very similar to the official Netflix website.
All buttons on this site are unresponsive except for the "Login" button, including "need help", "log in with Facebook" and "register now".
Obviously, as long as you enter your account and password, nothing else matters. Once you enter and submit them, the other party can try to use this account and password to log in to your Netflix, or even other platforms such as Facebook, IG, Disney+, etc.
Then the phishing site tries to defraud you of your payment information, asking you to enter the card name, card number, expiry date, CCV, and even your date of birth and address.
Once this is given out, not only will your Netflix account be stolen, but your credit card or debit card will also be stolen, and you will lose tens of thousands of yuan at a time.
This page once again uses the Chinese term "debit card", which is called a debit card in Taiwan. Be careful: typos or non-Taiwanese wording on a page are a very obvious sign of a phishing website.
How to Identify Phishing
This type of scam is not limited to this case. You may encounter a website with the same purpose (attempting to defraud you of your login password and payment information) where the letter and the website look different, or where the website imitates not Netflix but another streaming platform such as Disney+, KKbox, Spotify, etc.
Another recent type of Netflix phishing: a super similar Netflix phishing site!
So the most important thing is to learn to identify phishing websites yourself through the following characteristics.
1. Log in directly to Netflix
If your Netflix account is disabled, you will be asked to re-enable your membership when you log in to Netflix. So if you get this letter, go to https://www.netflix.com/ yourself; if you can log in and watch videos normally, the letter is fake.
Remember! Be sure to search for Netflix yourself, and don't go to Netflix through the link in the letter. Even though the page they made looks very similar, it is not necessarily genuine.
2. Sender's email address
Although the sender's name is likely to read "NETFLIX" or "Netflix", look carefully at the email address. As long as it is not from @xxx.netflix.com, don't easily believe that it really comes from Netflix. The name can be set arbitrarily, but the email address can't be faked, so don't trust the name; take a closer look at the email address.
3. Strange Chinese grammar
There is a lot of strange Chinese grammar in this letter. For example, where we would say "website" or "link", they use the Chinese term "link", and "debit card" is written as "debit card".
There is also the bizarre "Your Suspension Notice".
4. Check Links with Fraud Experts
Whether you're on a screen that looks like Netflix, Disney+ or another streaming platform, be sure to double-check the URL before you enter sensitive information or log in, to see whether it is the official website you normally use.
If you can't tell directly from the URL whether it is the official website, you can pass it to the anti-fraud expert, and we will check it for you! You only need to pass along the suspicious link, and in two seconds you will know whether the website is safe or not.
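The sender-address check (item 2) and the URL check (item 4) can both be written as a hostname comparison. The following Python sketch is an added example, not part of the original post: the domains are the ones named in the article, while the "info" mailbox, the URL paths and the `.example` lookalike are constructed.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

OFFICIAL = "netflix.com"  # the domain the article treats as genuine

# Constructed samples (defanged): only the domains come from the article.
SAMPLE_FROM = "Netflix <info@mailer[.]mailingboss[.]net>"
SAMPLE_LINKS = [
    "https://mboss[.]mailingboss[.]net/",
    "https://studentstoragemanchester[.]com/login",
    "https://www.netflix.com/",
    "https://netflix.com.billing.example/",  # lookalike: official name used as a prefix
]

def refang(text):
    """Undo the [.] defanging used when sharing suspicious indicators."""
    return text.replace("[.]", ".")

def is_official_host(host):
    """True only for netflix.com itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    # Require a dot before the official domain so "notnetflix.com" does not match.
    return host == OFFICIAL or host.endswith("." + OFFICIAL)

def check_sender(from_header):
    """Judge the From header by its address domain, never by its display name."""
    name, addr = parseaddr(refang(from_header))
    domain = addr.rpartition("@")[2].lower()
    return {"display_name": name, "domain": domain,
            "official": is_official_host(domain)}

def check_link(url):
    """Judge a link by the hostname the browser would actually connect to."""
    return is_official_host(urlsplit(refang(url)).hostname)

if __name__ == "__main__":
    print(check_sender(SAMPLE_FROM))
    for link in SAMPLE_LINKS:
        print(link, "->", "official" if check_link(link) else "NOT official")
```

This check reads the From header as displayed; it does not evaluate SPF, DKIM or DMARC results, which determine whether that address was authenticated by the sending domain.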
Comprehensive Fraud Prevention Toolkit:
- Learn More Fraud Prevention Tips: Fraud Expert Blog
- Get to know Fraud Master: Fraud Master Official Website
- Identify fraudulent websites in one second: anti-fraud expert chatbot
- Discuss fraud with everyone: fraud prevention experts - National Anti-Fraud Notification Center