Here’s what to do about it.
According to a new report from Symantec, your Netflix account might be used for Netflix and Chill without your knowledge. The streaming service has become a regular target of malware and phishing attacks that are landing compromised accounts on a black market.
One method that has come to prominence recently is a trojan called Infostealer.Banload. The malicious software steals personal information, including bank accounts, from computers it’s installed on. The trojan is generally installed through a download acquired by users who click on advertisements promising cheap or free versions of Netflix. It’s disguised to look like an official Netflix executable file.
According to Symantec, the Infostealer.Banload trojan has primarily affected users in Brazil, a country where piracy has been notoriously common. According to a 2014 study from the Business Software Alliance (BSA), more than 50 percent of all software licenses in Brazil are not original.
Netflix has been successful in the country: it launched in Latin America in 2011, has become a popular option for movie fans in Brazil, and has been cited as one of the reasons for the downward slope of piracy in the nation.
The temptation for free access isn’t the only thing driving the rash of stolen accounts, though; phishing efforts that suggest to users a need to secure their accounts actually trick them into surrendering their credentials. The emails often suggest to recipients that their account information needs to be updated or that a problem occurred with their monthly payments. Clicking on the link redirects to a fake site that steals the account information entered by the user.
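The check below is an added example, not part of the original article or of any Symantec or Netflix tooling. It shows why looking for the text "netflix.com" somewhere in an emailed link is not enough, and how parsing the host catches the fake-site links described above; the trusted domain and all sample URLs are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: netflix.com and its subdomains are the only hosts treated as genuine.
TRUSTED_DOMAIN = "netflix.com"


def naive_check(url: str) -> bool:
    """The weak test: the brand's domain appears anywhere in the link."""
    return TRUSTED_DOMAIN in url.lower()


def link_verdict(url: str) -> str:
    """Classify a link taken from an email that claims to come from Netflix."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "suspicious: malformed URL"
    if parts.scheme != "https":
        return "suspicious: not https"
    if not host:
        return "suspicious: no host"
    if parts.username is not None:
        # In https://brand@host/ the brand is userinfo; the browser goes to host.
        return "suspicious: userinfo before host"
    if host.startswith("xn--") or ".xn--" in host:
        return "suspicious: punycode host"
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return "ok"
    if "netflix" in host:
        return "suspicious: brand name in untrusted host"
    return "suspicious: untrusted host"


# Constructed sample links, using the reserved .example TLD for the fake sites.
SAMPLE_LINKS = [
    "https://www.netflix.com/YourAccount",
    "https://netflix.com.account-update.example/login",
    "https://netflix.com@billing.example/update",
    "https://billing.example/netflix.com/payment",
    "http://www.netflix.com/YourAccount",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"naive={naive_check(link)!s:5}  {link_verdict(link):42}  {link}")
```

Every sample link passes the naive substring test, while only the first has a host that actually belongs to the trusted domain.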
“Netflix’s popularity, lineup of original content, and recent global expansion to more than 190 countries around the world makes Netflix an attractive target for phishing and other malicious attacks,” Satnam Narang, senior response manager for Norton by Symantec, told the Daily Dot.
What happens to the accounts that get stolen? They often land on the black market, where scammers offer up the emails and passwords that belong to gullible users who give them up. The stolen logins are sold for a fraction of the cost of a standard Netflix subscription, and the hidden marketplace takes advantage of the fact that Netflix commonly lets users stream from multiple devices.
The sellers of these stolen logins often request that purchasers not change the passwords, as doing so would tip off the account owner that they were compromised.
Narang said these trades for stolen subscription services are “fairly commonplace” in darker corners of the Web—and for more than just Netflix. “Where there is demand, there will be supply, so the black market for access to these services for relatively cheap will persist,” he said.
Netflix securely stores payment information, so the stolen accounts amount primarily to an inconvenience—but one that users would still likely prefer to not fall victim to. Keeping an eye on account activity, including recently watched shows, is the easiest way to spot strange behavior. Larger breaches can be checked on services like Have I Been Pwned?
Narang suggests users access their Netflix account through a browser, go to the settings and choose to sign out of all devices, then change the password for the account. He also recommended visiting the activity page on their account and checking for recent logins from unknown locations.
Netflix did not offer specific remedies for the malware or phishing attacks highlighted by Symantec, and simply pointed to its database of security advice. “We also pro-actively monitor our member accounts for fraud and alert members if we see anything suspicious,” a spokesperson told the Daily Dot via email.
AJ Dellinger is a seasoned technology writer whose work has appeared in Digital Trends, International Business Times, and Newsweek. In 2018, he joined Gizmodo as the nights and weekend editor.