Crooks offer stolen Netflix account details for cut-price subscriptions: Internet Scambusters #717
The sign-on details for a Netflix account are a valuable commodity to subscribers -- and potentially others.
Crooks are stealing and selling these details, and other people may be innocently paying for them thinking they're getting a cut-price deal, as we explain in this week's issue.
We'll also tell you about other Netflix scams and a new Instagram con trick that claims your name has gotten onto a list of ugly people!
Now, here we go...
Is Someone Using Your Netflix Account?
Have you ever had a feeling that you're being watched? What about the feeling that someone is watching what you're watching -- as in sharing your Netflix movies account?
It'd be quite easy when you think about. If that other person has your account details, they can just sign on as you and get the benefit of a "free" streaming movie subscription.
What actually happens is that scammers use malware or phishing emails to grab your Netflix account details from your PC.
Then they usually sell them to a sort of underworld broker, who advertises cut-price subscriptions and keeps all the money for himself.
Sometimes, the end users must know perfectly well they're getting a stolen subscription service.
However, it's also possible that some users are genuine victims, not realizing that there's only one place to get a Netflix subscription -- Netflix!
How to Check
There are a couple of ways you'd know if your account details have been stolen and are being used by someone else.
For instance, you might see movie names in your queue that you don't recognize, or you might be invited to "continue watching" a movie that you actually haven't been viewing at all.
Regardless of that, you can check which movies have recently been viewed on your account by visiting the My account/My profile/My activity page. At the top of this page you'll see a link saying "See recent account access."
Also, although there are no restrictions on how many devices can be linked to a Netflix account, there is a limit on how many devices can use the service simultaneously (usually 2 or 4 depending on your subscription).
So if you suddenly find yourself locked out because the service is already in use, then you might also suspect you've been hacked and scammed.
What to Do
If you discover your account has been hijacked or is being "shared," the quickest solution is to change your password on the Your Account page.
You should also check the box that says "Require all devices to sign in again with the new password."
On the other hand, if you have difficultly signing on -- because someone else changed your password -- you should contact Netflix immediately.
If you're not a Netflix subscriber but are thinking of joining, only do this via netflix.com. Don't be tempted to click on an ad on another page offering cheap subscriptions.
There are several variations of the cut-price Netflix scam including an email that claims the company is offering a special rate deal to the first 25,000 applicants or even a free one-year subscription to celebrate Netflix's birthday.
These take users to a fake Netflix page where they're asked for banking or credit card details, or other personal information, which are then used for identity theft.
Another email is headed "Unable to bill your subscription" and claims the recipient's payment method is no longer valid.
If the victim happens to be an existing Netflix subscriber, they may fall for this and click on the link in the message, which again leads to a fake Netflix page asking users to update their payment information.
More Netflix Tricks
In a further variation, people who click on fake Netflix ads are actually redirected to the genuine site but while this process is taking place, the ad, which is really an app in itself, downloads malware onto the user's PC to steal bank account and other confidential information.
Again, the way to avoid this is to not click on Netflix ads, which may or may not be genuine, but instead go straight to netflix.com if you want to sign up.
The name of Netflix is also being used in another scam -- this time in the form of a message that "confirms" you signed up for a subscription on your iPhone or iPad.
Victims receive a fake iTunes message that looks like a real order receipt from Apple.
The message confirms a purchase then tells recipients "You can cancel a subscription at any time," followed by a link for "Cancel/Refund."
Victims might be tempted to click that link straightaway -- because they didn't sign up -- but it leads to a bogus Apple site that invites you to sign on to your iTunes account.
After the details have been entered, the site appears to crash, so that victims won't immediately realize they've been scammed.
They might also receive another delaying message saying their Netflix account is temporarily on hold while identity details are being verified.
The movie streaming company has a special online section dealing with scam risks.
The page contains further links detailing the importance of using a unique password and how to spot phishing attempts.
The company also urges users to pass details of any fraudulent or suspicious activity to them.
It's worth pointing out that although these scams apply to Netflix, it's perfectly possible that crooks might try similar tactics for other paid video streaming services, such as Amazon's.
Alert of the Week
No matter how you feel about your looks, don't be fooled into thinking you made it onto the Instagram Ugly List 2016.
There's no such thing, but currently there is a message circulating that tags recipients saying they've been added to the Ugly List and asking "Why?"
Of course, there's a link to the supposed Ugly List but it's nothing more than a gateway to a hacking scam.
Your account will be compromised and the Ugly List message will now be sent out to all your Instagram friends in your name. That would be a truly ugly situation!
That's all for today -- we'll see you next week.