Fraudsters have launched a new scam campaign where they offer WhatsApp users one year of free membership access to Netflix. An attack begins when a user receives a message about gaining free access to the streaming service from one of their WhatsApp contacts. The message appears to come from the Netflix domain. But careful inspection of the shortened URL reveals otherwise.
Spanish version of the Netflix-themed WhatsApp scam. (Source: ESET) If a user doesn't spot that discrepancy and clicks on the link, the scam directs them to an external domain unrelated to Netflix. This page has the ability to automatically detect a device's language and display its contents accordingly. It also uses a trusted certificate.
The scam's external Netflix-themed page. (Source: ESET) The page is just a ruse to trick users into sharing the message with their WhatsApp contacts. Specifically, it wants the user to share the fraudulent link with at least 10 of their friends. It uses a counter to verify this. After the user shares the message, the scam enters into its final phase. Lucas Paus, senior security researcher en ESET Latinoamérica, explains what follows from this stage:
"Then, the victim is redirected to pages that falsely claim that they are on the 'final step' to achieve activation, when what is really happening is that they are stealing information from users’ mobile phones for different types of subscriptions, or opening the system’s messaging application in order to send an SMS to a premium number with a certain text or even encouraging users to download applications from unofficial sites."
This isn't the first time fraudsters have abused WhatsApp, and it's not their first Netflix-themed lure, either. Bad actors will without a doubt continue to leverage social media platforms such as WhatsApp and trusted brands like Netflix to trick unsuspecting users. With that in mind, users need to be vigilant against offers that appear too good to be true. They also need to exercise caution around suspicious links and messages.
If you fell for the scam above, notify your contacts not to click on the link you sent them. You should then review your phone for any new applications you downloaded via the scam and uninstall them immediately. Finally, you should contact your mobile service provider and verify with them that the scam did not subscribe your phone number with any premium SMS services.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.
