The coronavirus pandemic has resulted in several chain reactions, one of which, unsurprisingly, involves the surge in Netflix subscribers during the lockdown. Quarter 2 saw the streaming service boast a record-breaking 10.1 million new subscribers, a substantial increase from the previous year’s 2.7 million in Q2. This brings Netflix’s total net new subscriber count to a whopping 26 million for the first half of 2020. Why is this important? Because we’ve also seen a massive 667% increase in coronavirus-related phishing scams since early March, and it doesn’t stop there. You might be thinking, why is Netflix so significant? The answer lies in Webroot’s real-time anti-phishing protection system.
One reporter was able to get information from Webroot about the growth of targeted phishing URLs from March to July as compared with data from the same time last year. The data showed how cybercriminals were tricking people by disguising their emails to look like they were coming from legitimate companies. Well, for this period, phishing URLs targeting Netflix users were up by 646%.
What does this mean?
Hackers are connecting the dots. They realize that the pandemic has produced a massive upscale in Netflix subscribers, and they see a greater number of targets who may fall for their phishing scams.
I, myself, get these emails quite often through an old address I hardly use anymore, and I don’t even have a Netflix account! I never have, but hackers can’t differentiate, so they’ll send their scam emails to anyone just to see if they get a bite. And I admit, the email was believable at first. It was almost believable enough to make me second guess myself and think, did I make an account and just forget about it? But no, I recalled what I’ve learned about phishing emails and eventually realized it was a fake. Unfortunately, there are still many people who don’t know what to look out for when facing an email that may or may not be legitimate and imagine how easily one could be deceived when they actually DO have an account!
What can you do?
The best thing you can do is educate yourself and spread awareness. Phishing scams are getting more sophisticated, and the tactics used are heavily dependent on current events, so keep that in mind when looking through your inbox. Don’t think that just because you can spot a poorly written phishing email, you can spot them all. Here are some key things to watch out for when trying to determine if an email is suspicious or not:
- The sender is using a public domain - (e.g. @gmail.com)
- The sender is using a misspelled domain - (e.g. Netf1ix.com instead of Netflix.com) This is also called ‘Typosquatting’ and is extremely common.
- The email is poorly written – It contains spelling/ grammatical errors or sounds too generic/formal.
- The email has suspicious attachments or links – NEVER click on links or attachments from an unknown or unverified sender, they are likely malicious.
- The email tries to create a sense of urgency – Hackers know that if you look at an email for too long, you’ll start to notice their mistakes. They will try to get you to do something quickly (e.g. Pay NOW, or You MUST change your password).
For organizations, one phishing email could collapse an entire network and cause catastrophic damage. The best way to avoid such a scenario is to train every employee on the dangers of phishing emails with security awareness training that includes phishing simulations. It’s not enough to just tell employees about the dangers, they need to experience them through real-world scenarios.
Netflix is fully aware of this threat and has provided resources to help. If you receive a suspicious email claiming to be from Netflix, forward the email to firstname.lastname@example.org to be investigated. Keep in mind, Netflix will never ask for your sensitive account information by email or text message. It will also never ask you to pay for your account through a third-party like Paypal.
Learn more about how TechGuard Security can help your organization avoid a Phishing-related incident.
Written by Elizabeth Dasenbrock
Elizabeth Dasenbrock is a marketer/graphic designer whose mission has always been to creatively express stories and ideas. Her skill set allows her to convey concepts to particular audiences in a visually appealing way. At TechGuard, she works on the marketing team with a focus on graphic design. In her free time, she can usually be found working on personal creative projects, tending to her houseplants, or spending time with friends and family.