This Creative Phishing Scam Uses Netflix Job Offers to Steal Facebook Credentials

Scammers are getting more and more creative in how they target their phishing campaigns: a new attack identified by Malwarebytes Labs appears to be aimed specifically at job seekers in marketing and social media roles, who may have access to Facebook business accounts belonging to their current employer.
The end goal, beyond stealing credentials, could be to compromise those business accounts by running malicious ads at the company's expense, demanding a ransom, or pushing further scams that rely on customers' trust in the brand.
Netflix impersonators target prospective employees
This campaign begins with an email that appears to come from the Netflix recruiting team. It opens with some flattery and goes on to describe an opening for a leadership role, such as vice president of marketing, that is likely to be relevant to the recipient. The screenshot from Malwarebytes Labs shows the sender's email address as talents[at]Netflixtalentnurture[dot]com, which, although not Netflix's official domain, is somewhat plausible.
This scam is probably not a threat unless you respond to the initial email. You shouldn't, but if you do, you will receive a second message with an invitation to schedule an interview with “the Netflix HR team”. Clicking the scheduling link takes you to a (fake) set of interview options to choose from, and if you select one, you are prompted to create or sign in to your Netflix “career profile” account.
This is where the risk increases considerably. You can select “Continue with Facebook” or “Continue with email”, either of which leads you to a spoofed Facebook login screen. If you enter your credentials, the attackers now have them and can instantly sign in to your real Facebook account. If you have two-factor authentication set up for Facebook, they can even request and enter your code, depending on the method you use.
The Malwarebytes team found that if you enter your username and password incorrectly, you receive a fitting response: “The password you have entered is incorrect. Please try again!” This makes the login page itself a particularly sophisticated element of this attack, because the threat actors can intercept and use your information in real time.
Job Scam Red Flags
This Netflix-to-Facebook job scam is relatively sophisticated in whom it targets, how it uses trusted brand names, and its multi-stage approach to phishing your information, but there are red flags.
Being redirected to Facebook to schedule an interview is a red flag, although not the most obvious one. Many users are accustomed to using Facebook and Google to sign in to third-party sites. If you actually check the URL on the redirected login page, however, it is not a Facebook domain.
You should always examine the URLs in emails and links before clicking by hovering over them; in this case, none of the websites live on official Facebook or Netflix domains. If you open a web page, carefully examine the address in the browser bar to spot counterfeits. Scammers use the company's branding to make the fraudulent site almost indistinguishable from the real one.
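The domain check described above can also be automated. The following is an added example, not code from the article or from Malwarebytes. It assumes netflix.com and facebook.com are the brands' official domains, and every sample URL except the reported sender address is constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the brands' primary registrable domains. Extend as needed.
OFFICIAL = {"netflix": ("netflix.com",), "facebook": ("facebook.com",)}


def refang(value):
    """Undo common defanging so the indicator can be parsed."""
    return (value.strip().replace("[at]", "@").replace("[dot]", ".")
            .replace("hxxp", "http"))


def host_of(value):
    """Return the lowercase host of a URL, email address or bare domain."""
    value = refang(value)
    if "://" in value:
        host = urlsplit(value).hostname or ""  # ignores userinfo and port
    else:
        host = value.rsplit("@", 1)[-1].split("/", 1)[0]
    return host.lower().rstrip(".")


def classify(value):
    """'official', 'lookalike' (brand name used off-domain) or 'unrelated'."""
    host = host_of(value)
    for domains in OFFICIAL.values():
        # Exact match or a true subdomain; a substring match is not enough.
        if any(host == d or host.endswith("." + d) for d in domains):
            return "official"
    text = refang(value).lower()
    return "lookalike" if any(b in text for b in OFFICIAL) else "unrelated"


# Sender address as reported in the article; the URLs are constructed samples.
SAMPLES = [
    "talents[at]Netflixtalentnurture[dot]com",
    "https://www.facebook.com/login",
    "https://facebook.com.account-check.example/login",
    "https://facebook.com@login.example/",
    "https://example.org/careers",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{classify(s):10} {s}")
```

The third and fourth samples show why the comparison must be made on the parsed host: the brand name appears at the start of the URL, but the host that actually receives the connection is a different domain.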
Although you may have received legitimate messages from recruiters by email or on LinkedIn, you should always be wary of offers for positions you have not applied for or that sound too good to be true. Do not click on links without checking the sender, and do not enter login credentials or provide sensitive information along the way.
There are other common scams that involve unsolicited offers for dream jobs that are fully remote and highly paid. Scammers can also pose as headhunters and ask you to pay fees for their application and placement services. Do not pay anyone for anything related to hiring or onboarding (unless you sought out a professional yourself), and do not agree to deposit checks or buy gift cards, as it almost always ends with you losing money.




