A new scam by hackers disguising themselves as Netflix tech support has the ability to steal an abundance of private data right off of users’ computers.
Malwarebytes reports the scam is based off a website masquerading as Netflix, which prompts users to enter their Netflix login credentials. After that, it displays the following error message:
“We have detected unusual activity on this account. To protect this account from unauthorized use, we have temporarily suspended this username. To regain access to your account please contact member services at 1-800-947-6570.”
After calling the number, a scammer identifying himself as a Netflix customer care representative will instruct the user to download and install “Netflix Support Software,” which in reality is a remote PC login program called TeamViewer.
“After remotely connecting to my PC, the scammer told me that my Netflix account had been suspended because of illegal activity,” Jerome Segura wrote for Malwarebytes. “This was supposedly due to hackers who had infiltrated my computer as he went on to show me the scan results from their own ‘Foreign IP Tracer’, a fraudulent custom-made Windows batch script.”
Segura monitored the scammers as they infiltrated his computer and stole anything that looked valuable, including a fake file he labeled “banking2013.doc.” While digging through his computer, a scammer explained the bogus fix to Segura and offered him $50 in fake Netflix credit for the inconvenience.
Malwarebytes posted a video over the weekend detailing the scam, with the warning to never enter your Netflix credentials into any website other than Netflix.com.