• Follow us

Technology

Phishers Bait Hooks for Netflix, Amex Users | Cybersecurity

Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing campaigns. One targets Amex (American Express) users while the other targets Netflix customers. Both campaigns reportedly are very well-crafted, featuring legitimate logos and even fill-in forms that closely mimic those on the respective company's own websites.

It isn't clear if these campaigns are being orchestrated by the same group, but each was launched last weekend, and each cast a wide net. The Windows Defender Intelligence Team has advised all computer users to be especially vigilant in the coming days and weeks.

Phishing attacks have increased not only in sophistication, but also in frequency. Upwards of 20 percent of phishing email recipients were convinced that the messages were legitimate and clicked on the redirecting links, according to Microsoft's security experts, who noted there was a 250 percent increase in such attacks last year.

Getting Very Personal

The recent attacks both warned of account issues, a common tactic with phishing scams. Amex customers have been receiving a "Notice Concerning Their CardMember Account," which claims that they need to go through a reauthentication process for security reasons. The message urges users to download and fill out an attached form. Based on reports, the form itself doesn't contain a virus but rather asks for highly personal information such as mother's maiden name, birth dates, PIN for the card, and even first elementary school.

The Netflix phishing attack warns users that their "account is on hold because of a problem with their last payment," and as with the spoofed Amex emails, they feature the actual Netflix logo. A link directs users to a "Billing Information" form that requests full credit card numbers including PIN, as well as Social Security numbers and other personal details.

What is notable about these respective emails and forms is how convincing they appear, including correct grammar and spelling -- an indication that the criminals responsible took the time to copy edit the content to eliminate the usual telltale typos. About the only notable giveaway with the Amex email is that it features capital letters following commas -- something that some users might not immediately recognize as a grammatical error.

Casting a Wide Net

Phishing scams tend to be rather low-tech in nature, a fact that has remained true since they first showed up on Usenet newsgroups nearly 25 years ago. Even with constant reminders from companies and security experts not to trust such emails, many people still fall victim to these attacks.

"The average consumer is not trained to think of emails in terms of the potential threat they might contain, unless they've been similarly compromised before," observed Colin Little, senior threat analyst at Centripetal Networks.

"We see Microsoft is demonstrating that they are continually trying to develop ways to stop these threats," he told TechNewsWorld.

Also worth noting is not only the scale of the attacks, but "also the context of the attack -- taking place during an overall increase in the phishing threat landscape," said Little.

"We continue to see these types of attacks because they're effective," observed Francis Dinha, CEO of OpenVPN.

"Plus, these attacks target humans over tech. That is, a hacker doesn't have to be a tech wizard to carry it out -- they just need to be able to trick the reader into clicking on a link or filling out a form," he told TechNewsWorld.

"It takes very little tech expertise to do that, because it's more of a personal con than a technical assault," Dinha explained. "People have been trying to trick each other out of resources since humanity began; we just have modern tools to do so more effectively now."

Beyond Amex and Netflix

At present, it isn't clear if this attack was sent only to actual "known" customers of Amex and Netflix or if a much wider net was cast.

"Potentially, we'll never know for sure, but that would tell us whether the attackers are using information from some prior breach to focus the effort," noted Jim Purtilo, associate professor in the computer science department at the University of Maryland.

"Sending a fake Netflix notice of account suspension to people who aren't Netflix customers is probably not very productive," he told TechNewsWorld.

"On the other hand, so many people are Netflix customers that an attacker has statistics on his or her side, and a random mail blast to a zillion collected names will score hits," Purtilo added.

The attackers also have economics on their side.

"Sending a malicious mail blast is basically free for them," said Purtilo. "Phishing is a low-overhead business that profits with the very first hapless user to respond. If the volume of phishing attempts has gone up in the last year, then that tells us it is also mostly free of legal costs. Officials just aren't keeping up."

Cutting the Net

The best defense against phishing attacks is awareness, but this is also one of those rare situations where literally doing nothing is the best course. Don't open the email, don't respond -- just ignore it.

"Education has to be the No. 1 strategy for users across the board," said OpenVPN's Dinha.

"Consumers need to educate themselves, and companies need to educate their workforce and stakeholders," he suggested.

All too often these attacks work because users haven't thought to question what they're reading, but education on cybersecurity risks teaches us to stop and question, said Dinha.

"If you've never heard of someone experiencing the consequences of a phishing attack, then you might assume it's less likely to happen to you or not that dangerous," he suggested. "But the more educated you are on what exactly can happen and how, then the more likely you are to be on alert for attacks like this. This education has to go beyond the obligatory warning to consumers -- it has to be an in-depth explanation of and understanding around the cybersecurity risks we're facing."

Low-Hanging Fruit

Phishing scams are effective for the criminal groups because, unlike other attacks, they don't require very sophisticated skills. Apart from crafting an official-looking email and spoofed website, no other technical expertise is required.

In fact, it probably isn't apt to describe the perpetrators as "cybercriminals" or "hackers," as they are more like con artists. The phishing scams work because people are fooled into supplying information, not because someone broke into a system. This is why these attacks are unlikely to go away. Even if most people delete the email from a phishing campaign, a few individuals will believe it.

"Unfortunately, we will continue to see these types of phishing attacks on consumers as long as they continue to fall for them," said Jo O'Reilly, cybersecurity advocate at BestVPN.com.

"These types of attack are a numbers game, even if only a handful of those targeted respond, then the hackers have still seen their efforts pay off," she told TechNewsWorld.

"The best way for consumers to protect themselves from phishing is to ensure they never enter personal or financial details via a link contained within an email, even an official-looking one," O'Reilly added.

"Instead, they should always open a new browser window in order to sign into any online account, whether it is Netflix, Amex or any other service, before inputting their password or any other personal information," she advised.

The good news is that security experts are closely monitoring the situation and bringing greater awareness to phishing efforts.

"This latest story shows us that Microsoft's cloud protections are attempting to do more and more to proactively protect the accounts of their users from receiving these phishing emails," said Centripetal Networks' Little. "However, it is in the nature of cybersecurity that the more innovative we are at detecting threats, the more innovative and evasive the bad guys will be -- I liken it to the Tom and Jerry cartoons."

Peter Suciu has been an ECT News Network reporter since 2012. His areas of focus include cybersecurity, mobile phones, displays, streaming media, pay TV and autonomous vehicles. He has written and edited for numerous publications and websites, including Newsweek, Wired and FoxNews.com. Email Peter.

Read More



Leave A Comment

More News

TechNewsWorld

Apple's Path to Destruction 2019-04-01 13:19:57One of the things I mention very infrequently is that I was groomed to be a CEO from a very early age. My educational background and two programs at I

New Zorin OS 15 Beta Is Worth the 2019-03-28 15:08:15The Zorin OS 15 series, released last week in beta, introduces many changes to its desktop interface and utilities. It keeps Zorin on track with its g

FTC Eyeballs ISPs' Data Privacy Practices 2019-03-28 08:00:00The United States Federal Trade Commission has announced an investigation into the privacy policies, procedures and practices of seven Internet broadb

Apple Wants Its Credit Card in Your Digital 2019-03-27 14:03:25Apple has announced a virtual credit card built into the wallet app on iPhones. Apple Card sports a number of features aimed at helping consumers lead

Apple Presents Its Spin on Entertainment and News 2019-03-26 12:28:06Apple announced a raft of new services, including original TV programming and news and magazine offerings, at an event held at the Steve Jobs Theater

Telegram Provides Nuclear Option to Erase Sent Messages 2019-03-26 08:00:00Telegram Messaging has introduced a new feature that allows user to delete not only their own comments, but also those of all other participants in th

The Future According to Nvidia 2019-03-25 13:34:42I spent last week at Nvidia's GPU Technology Conference, and I expect this will be the last year it will go by that name. The company has evolved si

Phishers Bait Hooks for Netflix, Amex Users 2019-03-22 08:00:00Cybersecurity experts at Microsoft's Windows Defender Security Intelligence Team this week reported their discovery of two new email-based phishing c

SparkyLinux Incinerates the Hassle Factor 2019-03-21 13:24:35SparkyLinux is a Linux distro that can ignite your daily computing experience. Its spark is pushing me to rethink my computing priorities. Regularly r

New Oculus Rift S Pushes VR Experience Up 2019-03-21 08:00:00Facebook unveiled its Oculus Rift S virtual reality headset at the Game Developers Conference in San Francisco. It will be available this spring for $

Google Stadia: Future of Gaming or Pie in 2019-03-20 08:00:00Google has pulled the wraps off Stadia, a new cloud-based gaming platform. Using the power of Google's global information infrastructure, Stadia can

MOREbot Introduces Kids to Robotics Using 3D Printed 2019-03-19 14:05:09MORE Technologies last week launched a Kickstarter campaign to raise $20,000 for development of its open source robot ecosystem. The company will fund

PCWorld

Best smart thermostat: Reviews and buying advice 2019-04-02 14:57:00There are so many smart thermostats to choose from today. We'll help you pick the right one.

Best VPN services: Reviews and buying advice 2019-04-02 14:38:00Choosing the right virtual private network (VPN) service is no simple task. A VPN should keep your internet usage private and secure, but not every se

Best headphones: Our top picks for personal listening 2019-04-02 13:33:00Whether you're looking for an over-the-ear, on-ear, or in-ear model, we'll help you find the perfect pair.

Microsoft has closed its e-bookstore, and everything you 2019-04-02 12:51:00Microsoft has shuttered its ebook bookstore, yet another move by the company away from selling traditional consumer goods and services, with the excep

Verizon’s dubious new Just Kids plan is a 2019-04-02 12:21:00Anyone with a child under the age of 13 knows how tricky it can be to limit screen time. Whether we’re on a 3-hour car ride or in a long checkou

Control and manage your dumb appliances with a 2019-04-02 11:49:00Adding some smarts to even dumb devices can be as easy as connecting them to a smart plug. And today, you can grab a trio of those brain enhancers for

Upgrade your PC with a powerful 8-core AMD 2019-04-02 09:50:00Newegg’s offering a juicy discount on PC parts that can serve of the heart of a computer built for productivity or playtime. The online ret

House of Marley Exodus headphone review: Sustainably sourced, 2019-04-02 09:00:00The Exodus proves that you don't need to sacrifice sweet sound for mindfully sourced and sustainably built headphones

15 instant improvements to your Samsung Galaxy 2019-04-02 06:50:00Samsung’s Galaxy S10 and Note9 are sort of like the Las Vegas of smartphones. Compared to the simple and understated approach of, say, an iPhone

Sinopé TH1120RF programmable line-voltage thermostat review: A smarter 2019-04-02 06:00:00It doesn’t offer the panache of a Nest or the sensor-savvy of an Ecobee, but those smart thermostats don’t work with high-voltage heaters

Webroot WiFi Security review: A white label VPN 2019-04-02 06:00:00Webroot WiFi Security in brief: P2P allowed: No Business location: United States Number of servers: 500+ Number of country locations:&n

Best true wireless earbuds: Free yourself from the 2019-04-01 18:15:00Truly wireless earbuds let you ditch all cables in our post-headphone jack world, but like with anything else, their quality varies. Our top picks off

TIME » Time Sections »

Master Your Inbox With These 6 Gmail Tips 2019-04-01 18:42:37With an April Fool’s birthday, Gmail has gone from practical joke to practically indispensable as far as email services go. For Gmail’s 15

Facebook Says Some of Mark Zuckerberg’s Posts Have 2019-03-30 16:53:00The company says it is unclear which posts were deleted

Review: Apple’s New AirPods Are Great if You 2019-03-29 16:12:10But existing users have less of a reason to upgrade

Apple’s AirPower Wireless Charging Mat Gets Shot Down 2019-03-29 16:08:56The product was supposed to charge multiple devices at once — wirelessly

Ride-Share Service Lyft Jumps 21% On First Day 2019-03-29 12:12:44Share were first priced at $72

Facebook Hit With Discrimination Lawsuit Over Targeted Housing 2019-03-29 00:11:57The charges accuse Facebook of allegedly allowing landlords to exclude groups, such as immigrants and minorities, from seeing housing ads

What’s the Best Weather App? Here Are 5 2019-03-28 13:27:34They're much better than the app that came with your phone

Facebook to Ban Content Supporting White Nationalism and 2019-03-27 13:22:08Civil rights groups have long pressured the company to make the change

The ‘Apple Card’ Is Apple’s New Credit Card. 2019-03-26 17:58:58It looks promising, but other cards offer better rates and perks

A French Muslim Council Is Suing Facebook and 2019-03-26 01:03:54The French Council of the Muslim Faith (CFCM) is filing a lawsuit against Facebook and YouTube

The Weirdest, Coolest Things You Can Do With Games that let you do everything from exploring new worlds to defusing a bomb

Which New ‘Reality’ Reigns Supreme?

TechCrunch

Ousted Nissan chief Carlos Ghosn says ‘this is 2019-04-09 07:01:48While the former CEO of Nissan and Renault Carlos Ghosn is currently in jail, his lawyer and communication team released a new video statement. The se

India’s Cashfree raises $5.5M from Korea’s Smilegate, Y 2019-04-09 06:55:56Cashfree, an India-based startup that specializes in making corporate banking services more accessible and easier to use, has closed a $5.5 million Se

Regulators in China are weighing a ban on 2019-04-09 06:37:15Cryptocurrency mining has become the latest target for the Chinese government seeking to phase out industries considered a drag on the country’s

One-hour terrorist takedowns backed by EU parliament’s civil 2019-04-09 05:32:19The European Parliament’s civil liberties committee (Libe) voted yesterday to back proposed legislation for a one-hour takedown rule for online

Fantasy sports platform Dream11 nets $1 billion valuation 2019-04-09 05:31:00India has a new unicorn after Dream11, an online fantasy sports service, claimed its valuation has surpassed $1 billion following a new investment. Th

Leadfeeder raises €3.1M Series A to turn website 2019-04-09 04:15:14Leadfeeder, a Helsinki-based startup that helps B2B companies generate new leads from website analytics, has closed a €3.1 million in series A fu

Target Global, the Berlin-headquartered VC, opens London office 2019-04-09 04:00:12Target Global, the Berlin-headquartered VC that has backed the likes of Auto1, Delivery Hero, Omio (formerly GoEuro) and Wefox, is opening up its firs

Watch Google Cloud Next developer conference live right 2019-04-09 03:01:45If you can’t stop dreaming about NoSQL databases, Google’s Cloud Next conference is the closest thing to heaven that you’ll find tod

Travel activities platform Klook raises $225M led by 2019-04-09 02:59:53We recently noted that SoftBank’s Vision Fund has stepped up its deal-making in Asia this year, and today it added a new company to its roster:

Blackpink’s “Kill This Love” sets new YouTube records, 2019-04-09 01:34:30Blackpink, one of the highest-profile Korean pop groups, is breaking YouTube records with its latest video. A Google spokesperson confirmed to TechCru

Rocket Lab adds satellite manufacturing to its offerings 2019-04-08 20:07:49Rocket Lab, one of the biggest startups in the NewSpace category of companies providing launch and satellite services, has added satellite manufacturi

Microsoft says its data shows FCC reports massively 2019-04-08 19:28:43The broadband divide in the U.S. is real, but if you want to know how real, don't ask the FCC. Its yearly broadband deployment report, already under

FOX News

3-year-old disables dad's iPad for 25 million minutes, 2019-04-09 00:17:35A D.C.-based journalist has apparently been locked out of his iPad for more than 25 million minutes – or, nearly half a century – after hi

C-130 gets new 'electronic propeller controls' to fly 2019-04-08 16:32:31The Air Force plans to fly its war-tested 1950s-era C-130 aircraft well into the 2030s and beyond through a sweeping, multi-pronged technical overhaul

Facebook, Google in crosshairs of new UK policy 2019-04-08 13:31:15The U.K. government plans to create a regulatory body to force the removal of harmful content from the internet, one of the most far-reaching legislat

Facebook blasted as 'morally bankrupt liars' by New 2019-04-08 12:40:50New Zealand's privacy commissioner slammed Facebook as "morally bankrupt pathological liars" as the fallout from the Christchurch mosque attacks, w

'Spaceplane' that flies 25 times faster than the 2019-04-08 08:42:40A 'spaceplane' that flies 25 times faster than the speed of sound has successfully passed a crucial testing milestone.

As Venezuela's government blocks aid and makes arbitrary 2019-04-08 08:41:16In a crumbling country where almost all but state-owned media outlets have been shuttered, food and medicine are scarce, unrest is rising and authorit

Cybercriminals still using Facebook as a black market 2019-04-08 08:22:00Want to buy stolen credit card numbers?

Vaccine wars: Social media battle outbreak of bogus 2019-04-07 14:44:14Like health officials facing outbreaks of disease, internet companies are trying to contain vaccine-related misinformation they have long helped sprea

Americans hate social media but can't give it 2019-04-07 14:32:34Americans have a paradoxical attachment to the social-media platforms that have transformed communication, a new Wall Street Journal/NBC News poll fin

Two Oregon college students accused of swindling Apple 2019-04-07 10:39:28Two Oregon college students have been accused of tricking Apple into giving them thousands of iPhones, which they then sent back to China to

Millions of Facebook records found on Amazon cloud 2019-04-03 14:21:46A massive trove of Facebook users' information was discovered on Amazon's cloud computing servers on Wednesday. 

High school students design technologies to thwart an 2019-04-03 13:46:33What if there was a way to impede an active shooter?

SlashGear

Jupiter’s poles heat up in response to solar 2019-04-09 07:50:53NASA scientists have been using telescopes on Earth to study auroras that appear at the poles of Jupiter. The scientists say that the auroras seen at

What the Linux desktop must have to become 2019-04-09 06:17:00Linux runs the computing world. It is by far the most used operating system on servers and perhaps the only OS on supercomputers. It has taken over mu

nubia Alpha bendable smartphone wristband launching this week 2019-04-09 01:31:25Samsung’s and Huawei’s foldable phones aren’t coming until next month at the earliest but nubia’s bendable phone might already

LG G7 Fit arrives in the US half 2019-04-09 00:59:48Looking for an LG-branded smartphone that looks premium but won’t break your wallet? While such phones do exist, they often exist in markets out

Verizon Galaxy S10 5G launch day revealed in 2019-04-09 00:21:04The 5G sibling of the Galaxy S10 trio is coming really soon. How soon? Pre-orders are rumored to start next week but its actual availability date has

HTC apps’ disappearance from Google Play Store raises 2019-04-08 23:46:16Samsung may now be the biggest Android smartphone maker but it wasn’t the first to believe in Google’s dream. HTC, which built up its empi

RED Hydrogen One Titanium is finally available if 2019-04-08 23:08:09RED, a company better known for its digital cinematography cameras, has had a rather interesting history with its first even and so far only smartphon

AMC plans third ‘Walking Dead’ TV show as 2019-04-08 22:35:59AMC plans to create a third zombie television series in The Walking Dead franchise, the company has confirmed. The new show will join the original The

16-inch MacBook Pro with all new design might 2019-04-08 22:00:10The biggest MacBook Pro prediction this year has just been debunked by the very person who made the prediction. While details are still very thin at t

Galaxy J is dead, long live Galaxy A 2019-04-08 21:24:09Samsung being what it is just can’t stop flooding the market with smartphones, regardless of its marketing strategy. On the one hand, it is cons

Blue light turns hydrogen peroxide into MRSA super 2019-04-08 20:53:22Hydrogen peroxide may be the surprising solution to the health care industry’s growing MRSA super bug problem. The inexpensive solution, which i

Fortnite’s Baller blocks Storm Surge damage and players 2019-04-08 20:05:45The Baller vehicle in Fortnite has been controversial since its arrival and a newly discovered “feature” isn’t helping the matter. T

Electrek

Watch Tesla Model 3 Performance complete a lap 2019-04-09 06:17:42 For the first time, as far as we know, a Tesla Model 3 Performance completed a lap at the Nürburgring race track and you can watch it on video.

Tesla Sentry Mode helps in arrest of suspected 2019-04-08 18:43:25 Tesla’s new Sentry Mode has helped in the arrest of a suspected thief in San Francisco just a few weeks after being released to the wider fleet

Texas solar boom fueled by oil and gas 2019-04-08 16:34:49 A new look at a burgeoning solar boom in Texas reveals an unlikely source behind much of the demand — oil and gas companies. more… Subs

Watch Tesla use its electric semi prototype to 2019-04-08 15:06:41 Tesla has released a video showing the first delivery of a vehicle to a customer using a Tesla Semi electric truck prototype – showing a glimps

Shell invests in natural climate solutions, new EV 2019-04-08 13:31:24 Royal Dutch Shell is continuing its recent climate-forward push as the company announced plans to invest in natural climate solutions and reforestati

Pick up a Greenworks Pro Electric Pressure Washer 2019-04-08 13:22:03 Lowe’s offers the Greenworks Pro 2300PSI Electric Pressure Washer for $199 shipped. As a comparison, it regularly sells for upwards of $29

Tesla (TSLA) holds despite 2 important price target 2019-04-08 11:44:51 Tesla (TSLA) is still in the green, albeit barely, today despite two Wall Street firms putting some pressure on the stock with important price target

US looks to launch national electric vehicle supply 2019-04-08 11:21:45 U.S. government officials are looking to develop a domestic electric vehicle supply chain that would encourage the mining of materials for automakers

After its $261 electric bike, Xiaomi is back 2019-04-08 09:24:49 Xiaomi is better known for its wide range of electronics products, including everything from smartphones to vacuum cleaners. After getting its feet w

EGEB: Skyscraper-high solar tower in Israel, solar rebound, 2019-04-08 09:08:25 In today’s EGEB: The world’s largest solar tower has been completed in Israel. The expected solar industry rebound is taking shape &mdash

Tesla is working on in-car video playback, will 2019-04-08 08:56:08 Tesla CEO Elon Musk reiterated that owners will be able to watch videos on the large screens inside its vehicles and link the feature to the deployme

Tesla fired most employees in a service center 2019-04-08 05:48:49 Tesla fired most employees in its only service center in Calgary for being ‘inappropriate’. It sent local owners in a panic, but the auto


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.