• Follow us

Technology

Phishers Bait Hooks for Netflix, Amex Users | Cybersecurity

Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing campaigns. One targets Amex (American Express) users while the other targets Netflix customers. Both campaigns reportedly are very well-crafted, featuring legitimate logos and even fill-in forms that closely mimic those on the respective company's own websites.

It isn't clear if these campaigns are being orchestrated by the same group, but each was launched last weekend, and each cast a wide net. The Windows Defender Intelligence Team has advised all computer users to be especially vigilant in the coming days and weeks.

Phishing attacks have increased not only in sophistication, but also in frequency. Upwards of 20 percent of phishing email recipients were convinced that the messages were legitimate and clicked on the redirecting links, according to Microsoft's security experts, who noted there was a 250 percent increase in such attacks last year.

Getting Very Personal

The recent attacks both warned of account issues, a common tactic with phishing scams. Amex customers have been receiving a "Notice Concerning Their CardMember Account," which claims that they need to go through a reauthentication process for security reasons. The message urges users to download and fill out an attached form. Based on reports, the form itself doesn't contain a virus but rather asks for highly personal information such as mother's maiden name, birth dates, PIN for the card, and even first elementary school.

The Netflix phishing attack warns users that their "account is on hold because of a problem with their last payment," and as with the spoofed Amex emails, they feature the actual Netflix logo. A link directs users to a "Billing Information" form that requests full credit card numbers including PIN, as well as Social Security numbers and other personal details.

What is notable about these respective emails and forms is how convincing they appear, including correct grammar and spelling -- an indication that the criminals responsible took the time to copy edit the content to eliminate the usual telltale typos. About the only notable giveaway with the Amex email is that it features capital letters following commas -- something that some users might not immediately recognize as a grammatical error.

Casting a Wide Net

Phishing scams tend to be rather low-tech in nature, a fact that has remained true since they first showed up on Usenet newsgroups nearly 25 years ago. Even with constant reminders from companies and security experts not to trust such emails, many people still fall victim to these attacks.

"The average consumer is not trained to think of emails in terms of the potential threat they might contain, unless they've been similarly compromised before," observed Colin Little, senior threat analyst at Centripetal Networks.

"We see Microsoft is demonstrating that they are continually trying to develop ways to stop these threats," he told TechNewsWorld.

Also worth noting is not only the scale of the attacks, but "also the context of the attack -- taking place during an overall increase in the phishing threat landscape," said Little.

"We continue to see these types of attacks because they're effective," observed Francis Dinha, CEO of OpenVPN.

"Plus, these attacks target humans over tech. That is, a hacker doesn't have to be a tech wizard to carry it out -- they just need to be able to trick the reader into clicking on a link or filling out a form," he told TechNewsWorld.

"It takes very little tech expertise to do that, because it's more of a personal con than a technical assault," Dinha explained. "People have been trying to trick each other out of resources since humanity began; we just have modern tools to do so more effectively now."

Beyond Amex and Netflix

At present, it isn't clear if this attack was sent only to actual "known" customers of Amex and Netflix or if a much wider net was cast.

"Potentially, we'll never know for sure, but that would tell us whether the attackers are using information from some prior breach to focus the effort," noted Jim Purtilo, associate professor in the computer science department at the University of Maryland.

"Sending a fake Netflix notice of account suspension to people who aren't Netflix customers is probably not very productive," he told TechNewsWorld.

"On the other hand, so many people are Netflix customers that an attacker has statistics on his or her side, and a random mail blast to a zillion collected names will score hits," Purtilo added.

The attackers also have economics on their side.

"Sending a malicious mail blast is basically free for them," said Purtilo. "Phishing is a low-overhead business that profits with the very first hapless user to respond. If the volume of phishing attempts has gone up in the last year, then that tells us it is also mostly free of legal costs. Officials just aren't keeping up."

Cutting the Net

The best defense against phishing attacks is awareness, but this is also one of those rare situations where literally doing nothing is the best course. Don't open the email, don't respond -- just ignore it.

"Education has to be the No. 1 strategy for users across the board," said OpenVPN's Dinha.

"Consumers need to educate themselves, and companies need to educate their workforce and stakeholders," he suggested.

All too often these attacks work because users haven't thought to question what they're reading, but education on cybersecurity risks teaches us to stop and question, said Dinha.

"If you've never heard of someone experiencing the consequences of a phishing attack, then you might assume it's less likely to happen to you or not that dangerous," he suggested. "But the more educated you are on what exactly can happen and how, then the more likely you are to be on alert for attacks like this. This education has to go beyond the obligatory warning to consumers -- it has to be an in-depth explanation of and understanding around the cybersecurity risks we're facing."

Low-Hanging Fruit

Phishing scams are effective for the criminal groups because, unlike other attacks, they don't require very sophisticated skills. Apart from crafting an official-looking email and spoofed website, no other technical expertise is required.

In fact, it probably isn't apt to describe the perpetrators as "cybercriminals" or "hackers," as they are more like con artists. The phishing scams work because people are fooled into supplying information, not because someone broke into a system. This is why these attacks are unlikely to go away. Even if most people delete the email from a phishing campaign, a few individuals will believe it.

"Unfortunately, we will continue to see these types of phishing attacks on consumers as long as they continue to fall for them," said Jo O'Reilly, cybersecurity advocate at BestVPN.com.

"These types of attack are a numbers game, even if only a handful of those targeted respond, then the hackers have still seen their efforts pay off," she told TechNewsWorld.

"The best way for consumers to protect themselves from phishing is to ensure they never enter personal or financial details via a link contained within an email, even an official-looking one," O'Reilly added.

"Instead, they should always open a new browser window in order to sign into any online account, whether it is Netflix, Amex or any other service, before inputting their password or any other personal information," she advised.

The good news is that security experts are closely monitoring the situation and bringing greater awareness to phishing efforts.

"This latest story shows us that Microsoft's cloud protections are attempting to do more and more to proactively protect the accounts of their users from receiving these phishing emails," said Centripetal Networks' Little. "However, it is in the nature of cybersecurity that the more innovative we are at detecting threats, the more innovative and evasive the bad guys will be -- I liken it to the Tom and Jerry cartoons."

Peter Suciu has been an ECT News Network reporter since 2012. His areas of focus include cybersecurity, mobile phones, displays, streaming media, pay TV and autonomous vehicles. He has written and edited for numerous publications and websites, including Newsweek, Wired and FoxNews.com. Email Peter.

Read More



Leave A Comment

More News

TechNewsWorld

Apple's Path to Destruction 2019-04-01 13:19:57One of the things I mention very infrequently is that I was groomed to be a CEO from a very early age. My educational background and two programs at I

New Zorin OS 15 Beta Is Worth the 2019-03-28 15:08:15The Zorin OS 15 series, released last week in beta, introduces many changes to its desktop interface and utilities. It keeps Zorin on track with its g

FTC Eyeballs ISPs' Data Privacy Practices 2019-03-28 08:00:00The United States Federal Trade Commission has announced an investigation into the privacy policies, procedures and practices of seven Internet broadb

Apple Wants Its Credit Card in Your Digital 2019-03-27 14:03:25Apple has announced a virtual credit card built into the wallet app on iPhones. Apple Card sports a number of features aimed at helping consumers lead

Apple Presents Its Spin on Entertainment and News 2019-03-26 12:28:06Apple announced a raft of new services, including original TV programming and news and magazine offerings, at an event held at the Steve Jobs Theater

Telegram Provides Nuclear Option to Erase Sent Messages 2019-03-26 08:00:00Telegram Messaging has introduced a new feature that allows user to delete not only their own comments, but also those of all other participants in th

The Future According to Nvidia 2019-03-25 13:34:42I spent last week at Nvidia's GPU Technology Conference, and I expect this will be the last year it will go by that name. The company has evolved si

Phishers Bait Hooks for Netflix, Amex Users 2019-03-22 08:00:00Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing c

SparkyLinux Incinerates the Hassle Factor 2019-03-21 13:24:35SparkyLinux is a Linux distro that can ignite your daily computing experience. Its spark is pushing me to rethink my computing priorities. Regularly r

New Oculus Rift S Pushes VR Experience Up 2019-03-21 08:00:00Facebook unveiled its Oculus Rift S virtual reality headset at the Game Developers Conference in San Francisco. It will be available this spring for $

Google Stadia: Future of Gaming or Pie in 2019-03-20 08:00:00Google has pulled the wraps off Stadia, a new cloud-based gaming platform. Using the power of Google's global information infrastructure, Stadia can

MOREbot Introduces Kids to Robotics Using 3D Printed 2019-03-19 14:05:09MORE Technologies last week launched a Kickstarter campaign to raise $20,000 for development of its open source robot ecosystem. The company will fund

PCWorld

Call of Duty: Black Ops 4's battle royale 2019-04-02 15:54:00Poor Blackout. For a brief period last year I thought Call of Duty: Black Ops 4’s battle royale mode was going to take off. Blackout l

Best smart thermostat: Reviews and buying advice 2019-04-02 14:57:00There are so many smart thermostats to choose from today. We'll help you pick the right one.

Best VPN services: Reviews and buying advice 2019-04-02 14:38:00Choosing the right virtual private network (VPN) service is no simple task. A VPN should keep your internet usage private and secure, but not every se

Best headphones: Our top picks for personal listening 2019-04-02 13:33:00Whether you're looking for an over-the-ear, on-ear, or in-ear model, we'll help you find the perfect pair.

Microsoft has closed its e-bookstore, and everything you 2019-04-02 12:51:00Microsoft has shuttered its ebook bookstore, yet another move by the company away from selling traditional consumer goods and services, with the excep

Verizon’s dubious new Just Kids plan is a 2019-04-02 12:21:00Anyone with a child under the age of 13 knows how tricky it can be to limit screen time. Whether we’re on a 3-hour car ride or in a long checkou

Control and manage your dumb appliances with a 2019-04-02 11:49:00Adding some smarts to even dumb devices can be as easy as connecting them to a smart plug. And today, you can grab a trio of those brain enhancers for

Upgrade your PC with a powerful 8-core AMD 2019-04-02 09:50:00Newegg’s offering a juicy discount on PC parts that can serve of the heart of a computer built for productivity or playtime. The online ret

House of Marley Exodus headphone review: Sustainably sourced, 2019-04-02 09:00:00The Exodus proves that you don't need to sacrifice sweet sound for mindfully sourced and sustainably built headphones

15 instant improvements to your Samsung Galaxy 2019-04-02 06:50:00Samsung’s Galaxy S10 and Note9 are sort of like the Las Vegas of smartphones. Compared to the simple and understated approach of, say, an iPhone

Webroot WiFi Security review: A white label VPN 2019-04-02 06:00:00Webroot WiFi Security in brief: P2P allowed: No Business location: United States Number of servers: 500+ Number of country locations:&n

Sinopé TH1120RF programmable line-voltage thermostat review: A smarter 2019-04-02 06:00:00It doesn’t offer the panache of a Nest or the sensor-savvy of an Ecobee, but those smart thermostats don’t work with high-voltage heaters

FOX News

Millions of Facebook records found on Amazon cloud 2019-04-03 14:21:46A massive trove of Facebook users' information was discovered on Amazon's cloud computing servers on Wednesday. 

High school students design technologies to thwart an 2019-04-03 13:46:33What if there was a way to impede an active shooter?

Minnesota high school robotics team designs power wheelchair 2019-04-03 13:12:53A Minnesota high school robotics team constructed an electric wheelchair for a 2-year-old whose family couldn’t afford to purchase similar ones

Two teenagers hack into high school's Wi-Fi to 2019-04-03 12:49:43That's one way to get out of taking your test. 

Russian spy plane flies over Area 51 and 2019-04-03 12:05:48A Russian surveillance plane recently flew over several American military bases, including Area 51, perhaps America's most secretive military site.

Singapore to demand that Facebook, Twitter and Google 2019-04-03 08:28:48Tech giants such as Facebook Inc., Alphabet Inc.’s Google and Twitter Inc. would be required under a draft law int

NASA, MIT engineers re-imagine airplane wing, unveil futuristic 2019-04-02 14:06:32A brilliant team of engineers from NASA joined up with Massachusetts Institute of Technology (MIT) grad students, among others, to redesign the tradit

Russia is hiding Putin's location, sending ships off 2019-04-02 12:57:18The Russian Federation used electronic warfare equipment almost 10,000 times to create false GPS signals that sent ships off-grid and hid the location

Mark Zuckerberg's Facebook regulation proposals are 'self-serving and 2019-04-02 11:33:01Facebook CEO Mark Zuckerberg's call for government regulation of Big Tech is self-serving, cynical and a "monument to insincerity," according

Pentagon seeks drone-fired lasers to destroy nuclear-armed missiles 2019-04-02 08:49:31The Missile Defense Agency is engineering air-launched, high-powered, long-range laser weapons to destroy attacking nuclear-armed Intercontinental Bal

Fake news runs wild on WhatsApp as India 2019-04-01 14:20:57In India, viral fake news is lighting up Facebook Inc.’s WhatsApp messaging app as the world’s biggest democracy prepares f

Saudis hacked Jeff Bezos' phone and leaked racy 2019-04-01 13:49:51Saudi Arabia hacked the phone of Amazon CEO Jeff Bezos and is the source of private information that was published by The National Enquirer, according

TechCrunch

China’s Tencent is raising $6 billion through a 2019-04-04 06:01:54Tencent, Asia’s largest tech firm, is raising $6 billion after the Hong Kong-listed firm announced a new note sale today. Tencent last tapped th

Swedish fintech Zaver has raised $1.2M seed for 2019-04-04 04:15:21Zaver, a Swedish fintech that has built a payments platform to facilitate peer-to-peer trades and more, has picked up just over $1.2 million in seed f

Africa Roundup: Jumia files for IPO, OneFi acquires 2019-04-04 03:30:34Less than a decade ago IPOs, acquisitions, and global expansion by African startups were more possibility than reality. March saw all three from the c

Nauta Capital launches €55M ‘sidecar’ fund to double-down 2019-04-04 03:00:34Nauta Capital, the pan-European VC that invests in “capital-efficient” B2B software companies and consumer tech, has announced the closing

The Internet Archive has uploaded 450,000 songs collected 2019-04-04 02:04:36Last month, it became widely known that MySpace has lost much of the user data uploaded to it before 2016, including potentially million of music trac

Amazon reportedly removes the most obvious promotions for 2019-04-03 23:56:56If it feels like your Amazon search results have been overwhelmed with promotions for their private-label brands, like Amazon Basics, Mama Bear or Dai

SpaceX has completed the first tethered hop for 2019-04-03 22:48:54SpaceX has completed the first tethered jump for its Starship prototyped, Elon Musk confirmed in a tweet Wednesday evening. Called the Starhopper beca

Tesla first-quarter deliveries drop on challenges shipping Model 2019-04-03 20:37:09Tesla delivered 63,000 of its electric vehicles in the first quarter of the year, nearly a one-third drop from the previous quarter, the company repor

Facebook gets one step closer to building your 2019-04-03 19:28:01When it comes to representing yourself on social media, who you actually portray yourself as has always been a bit of a caricature. That thinking has

Ousted Nissan chief Carlos Ghosn says ‘I will 2019-04-03 18:48:28Carlos Ghosn, the former Nissan Motor chairman who was released on $9 million bail last month following three earlier indictments for financial wrongd

Toyota is giving automakers free access to nearly 2019-04-03 18:29:56Toyota said Wednesday it will give royalty-free access to its nearly 24,000 patents related to electrification technology and systems through 2030 in

Ruhnn, a Chinese startup that makes influencers, raises 2019-04-03 18:02:20Ruhnn, a company that enables influencers to sell through e-commerce and is plotting to change the face of China’s fashion industry, has raised

Thetechhacker

How to fix ‘No camera available’ Error in 2019-04-02 01:38:50Mac systems come with a fully functional or polished version of the Macintosh Operating System. Apple conducts various tests and several beta versions

Airy Mac YouTube Downloader Review 2019-04-01 06:37:19Downloading YouTube videos is one of the easiest tasks these days. Go to the YouTube video that you want to download, fetch the URL of the video, and

Lenovo patents a foldable phone design similar to 2019-04-01 04:44:54Lenovo has come into the discussion once again with its new patent. With many smartphone manufacturers launching foldable phones, Lenovo has also pate

Facebook announces new feature called “Why am I 2019-04-01 04:02:47Facebook has always been one of the leading social media networks for interaction. We already know that people go to Facebook or Facebook-owned WhatsA

Xiaomi launches its latest Mi Notebook Pro in 2019-03-30 08:15:28Xiaomi is known for many other products apart from its smartphones. Out of those other products, Mi Notebook lineup is one of its most popular ones. T

Oppo Reno spotted with ‘eyebrow’ pop-up selfie camera 2019-03-30 04:26:12Oppo is at it once again and this time, the smartphone is from Reno. Earlier, Oppo announced its sister brand named as Reno. This brand will release i

AirPower project cancelled by Apple because it won’t 2019-03-30 04:06:30Apple has finally made an announcement regarding its AirPower charging mat. In 2017, Apple made an announcement regarding wireless charging pad from t

How to be a Successful Freelance Programmer 2019-03-29 11:13:18An increasing number of people are looking to freelancing as a career choice. This decision comes as no surprise because it offers far more freedom an

Do you need VPN on iOS? The reasons 2019-03-29 05:39:03Most of us use iOS devices. iPhones and iPads are becoming part of our life. Usually, we use them for our financial transactions, messaging, social ne

Apple iPhone 11 rear camera design leaks once 2019-03-29 04:36:09Apple is not known to have leaks and rumors about its latest iPhone start this early. But this year has been different as we are getting leaks regardi

2019-03-29 04:35:01Just another leak seemingly confirming my January #iPhoneXI prototype leak accuracy… 😏 pic.twitter.com/qVWF59GgKr — Steve H.McFly

Google I/O 2019 schedule posted with the main 2019-03-29 03:30:14Google will hold the I/O conference in 2019 which is scheduled later this year. The company has already announced that 2019 Google I/O will take place

SlashGear

Facebook will terminate its Windows Phone apps on 2019-04-03 20:07:40Facebook has decided that its remaining Windows Phone users have had enough time to switch to a different platform: it is ending support for its famil

FDA warns some e-cigarette users have reported seizures 2019-04-03 19:09:06The Food and Drug Administration has issued an advisory that warns it has received some reports of seizures from e-cigarette users. The majority of th

Plex gets sleek new UI with improved navigation 2019-04-03 18:15:04Home media server software company Plex is rolling out its sleek new user interface on Roku and Apple TV, the company has announced. The UI brings a n

5G is a war the US is about 2019-04-03 17:48:49The US Department of Defense has warned that America could find itself conceding the guiding hand on 5G – and, as a result, wireless security in

Many Netflix US customers will pay higher rate 2019-04-03 17:27:13Back in January, Netflix announced that it would be increasing its rates for subscribers in many markets. Some customers have already been on the rece

Is this mysterious Motorola 4-camera phone a PureView 2019-04-03 16:45:22A mysterious new quad-camera Motorola smartphone has leaked, suggesting the company has more exciting things in store than just the G7 Series. Indeed,

NASA delays and extends its Boeing Starliner crewed 2019-04-03 16:36:32NASA has announced that Boeing’s first Starliner crewed test flight duration will be extended. According to the space agency, the extension will

Another huge Facebook security blunder exposes data of 2019-04-03 15:52:39Though we’re now a year out from the massive Cambridge Analytica Facebook scandal, we’re being reminded of it today with two more instance

Android Q Beta 2 arrives with zoomable microphones, 2019-04-03 15:42:19Google has launched Android Q Beta 2 for developers, giving them access to a foldables emulator, as well as zoomable microphones, multitasking Bubbles

Toyota unlocks 24,000 hybrid car patents to help 2019-04-03 15:24:55Toyota is throwing open a huge cache of hybrid and electric vehicle patents, offering royalty-free licensing for rivals wanting to get a head-start on

Shift work health risks linked to blood sugar 2019-04-03 14:56:11Shift work has been implicated in past research as a potential risk factor for developing metabolic issues and heart disease, and now a newly publishe

The 2020 Volvo V60 and XC60 Polestar Engineered 2019-04-03 14:50:49Polestar may be busy working on its Polestar 2 electric sedan, but that hasn’t stopped it rubbing some magic onto the new Volvo V60 and XC60 for

Electrek

First look at Tesla’s highly-anticipated CCS adapter 2019-04-03 13:26:17 Electrek got a first look at Tesla’s highly-anticipated new CCS adapter that should enable Tesla owners to get access to many more charging sta

Some Dems crafting climate plans while distancing themselves 2019-04-03 13:11:03 A number of Democrats are now considering proposing various policies on climate change, including clean energy mandates and carbon pricing. And many

Save on electric outdoor tools in today’s Green 2019-04-03 12:49:18 Spring is upon us, and we have a trio of green-friendly deals on electric tools to help you clean and get your outdoor spaces in order as warm weathe

Tesla Gigafactory 3 is now going up at 2019-04-03 12:12:15 Tesla is moving at an incredible pace to build Gigafactory 3 in Shanghai as a new video shows new buildings going up fast. more… The post Tesl

Renewable energy now makes up a third of 2019-04-03 10:26:20 Strong gains in solar and wind energy last year have pushed renewable energy to now account for a third of global power capacity, according to the In

Honda, Yamaha, Suzuki, and Kawasaki reportedly cooperating on 2019-04-03 10:21:40 Believe it or not, the Big 4 motorcycle makers in Japan are apparently working together on a new electric motorcycle standard. more… The post

Toyota opens patents to help save hybrid cars, 2019-04-03 09:43:35 In an attempt to encourage the rest of the industry to make hybrid vehicles, Toyota announced that it is providing “nearly 24,000 licenses roya

EGEB: Canadian solar project on former coal site, 2019-04-03 09:10:35 In today’s EGEB: A Canadian solar project at a former coal generating station is completed. GE breaks ground on its massive wind turbine. Offsh

Tesla confirms new full self-driving computer is in 2019-04-03 06:56:27 Tesla announced today that its new full self-driving computer, previously known as the Autopilot Hardware 3.0 upgrade, is now in production and the c

Dem to introduce bill that would expand electric 2019-04-02 14:58:27 A House Democrat is set to introduce a bill that would expand the electric vehicle federal tax credit in the U.S., while linking it to domestic autom

BYTON completes winter test for all-electric SUV, aims 2019-04-02 14:34:19 BYTON, a China-based EV startup, announced today that it completed its initial cold environment testing on M-BYTE prototypes, an all-electric SUV tha

Ford’s ‘Go Electric’ event in Europe goes mostly 2019-04-02 13:34:27 Ford’s “Go Electric” event in Amsterdam today revealed the automaker’s electrified vehicle lineup in Europe, but all of the n


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.