Phishing is an increasingly common type of computer security threat. Basically, it consists of deceiving the victims in order to steal certain confidential information. To do this, they impersonate third parties, either imitating one of their communications, with a fairly similar domain or with a website that copies the design of the original. From time to time, some of these threats are made public and we are obliged to spread their existence to prevent more people from falling into the thymus. The last one is related to Netflix and arrives by email.
Email and SMS remain the preferred form of phishing. By these means, cybercriminals make a communication that mimics the originals of a company (in this case Netflix) and provide us with a link that is where all our problems begin. This link usually takes us to a malicious website that mimics the appearance of the original, but only has one objective: to steal our username and password or our payment information (credit card, etc.).
Netflix is not going to ask you to verify your account suddenly
It must be recognized that phishing is increasingly elaborate and, except on certain occasions, is usually quite convincing. In fact, the language used or misspellings are used to detect it quickly, although this is not the case at this time. The last security alert has been issued by the Office of Internet Security , OSI for its acronym, under the National Institute of Cybersecurity (in turn under the Ministry of Economic Affairs and Digital Transformation.
In the alert they explain that it is a new phishing to Netflix in which it arrives by email with the subject “Verify your account” and contains a message pretending to be the Netflix team with a link to a page like the one we show in the previous Twitter message.
As we can see, it is a website that perfectly mimics the aspect of Netflix and that asks us to enter the access credentials, that is, the username and password. Obviously, we should not introduce them under any circumstances. In this case, they reveal themselves perfectly when using the domain “cherryland.de” instead of “netflix.com” (the real one).netflix . com ”(the real one).
The domain is one of the first things we should look at when entering access credentials. In any case, it doesn’t make much sense for Netflix to ask us to verify the account overnight. In addition, in case of doubt, it is best to access Netflix directly or contact them, but never click on the link of the suspicious email.
