Shocking Netflix ‘hijacking' that uses convincing trick to empty your bank account exposed as TV fans told ‘be careful'

NETFLIX users are being warned of a scam that could see them vulnerable to having their personal data stolen.
Cyberprotection company, Malwarebytes, issued the serious warning for people who search for tech support numbers online and that hackers were using sponsored ads to fool unsuspecting punter.
The company explained that "cybercriminals frequently use ads directing to a malicious site to take advantage of our trust in sponsored search results for popular brands."
It found in a recent ruse, that support scammers were hijacking the results of legitimate sites.
How they pull off their scam is that they will pay for a sponsored ad on Google pretending to be a major brand and while that will usually lead to a fake website, there were some cases people were to a brand's legitimate site, "but with one small difference."
The company used photos showing how the address bar on a website that a person was taken to after unknowingly clicking on one of these dodgy ads looked legitimate, but "the results had been poisoned to display the scammer's phone number instead of the business' real number."
"When you call the scam number, the scammers will pose as the brand with the aim of getting you to hand over personal data or financial information, or even allow them remote access to your computer," Malwarebytes wrote on X, formerly Twitter.
It then showed examples of how scammers had manipulated the real Netflix site but a "fake number appears in what looks like a search result, making it seem official."
"This is able to happen because Netflix's search functionality blindly reflects whatever users put in the search query parameter without proper sanitization or validation," the company explained.
"This creates a reflected input vulnerability that scammers can exploit."
Netflix was just one example of the scammers' grit, Malwarebytes also found other brands that were targeted included, PayPal, Apple, Microsoft, Facebook and HP.
Malwarebytes suggested people install browse guards on their computers to protect them from the elaborate scams.
Netflix reveal huge list of movies and TV shows being axed next month – with some children's favourites in the mix
Outside of installing the browser guard, people can also protect themselves from this kind of scam in a number of different ways.
Red flags to look out for include, a phone number in the URL, suspicious search terms like 'Call Now' or 'Emergency Support' in the address bar of the browser, an excess of encoded characters alongside the characters,such as, %20 (space) and %2B (+ sign) along with phone numbers.
Other warning signs include, the website showing a search result before you entered one, an in-browser warning for known scams, and urgent language displayed on the website.
How to spot a dodgy app
Detecting a malicious app before you hit the 'Download' button is easy when you know the signs.
Follow this eight-point checklist when you're downloading an app you're unsure about:
Check the reviews - be wary of both complaints and uniformly positive reviews by fake accounts.
Look out for grammar mistakes - legitimate app developers won't have typos or errors in their app descriptions.
Check the number of downloads - avoid apps with only several thousand downloads, as it could be fake.
Research the developer - do they have a good reputation? Or, are totally fake?
Check the release date - a recent release date paired with a high number of downloads is usually bad news.
Review the permission agreement - this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
Check the update frequency - an app that is updated too frequently is usually indicative of security vulnerabilities.
Check the icon - look closely, and don't be deceived by distorted, lower-quality versions the icons from legitimate apps.
All of this information will available in both Apple's App Store and the Google Play Store.
"And before you call any brand's support number, look up the official number in previous communications you've had with the company (such as an email, or on social media) and compare it to the one you found in the search results. If they are different, investigate until you're sure which one is the legitimate one," said Jérôme Segura, senior director of research of Malwarebytes.
"If during the call, you are asked for personal information or banking details that have nothing to do with the matter you're calling about, hang up."
2

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Daily Mail​

30 minutes ago

• Daily Mail​

Clinton donor and lobbyist's chilling threats against Minnesota capitol days after Democrat lawmakers were shot

A Minnesota lobbyist is facing felony charges after he allegedly threatened to shoot people at the Minnesota State Capitol just days after a lawmaker in the state was assassinated and another critically injured. Jonathan Michael Bohn - who has made numerous donations to Democratic causes including Hillary Clinton 's presidential campaign - was arrested on Wednesday after making the threats via text message. The 41-year-old Bohn works as the public affairs director of the Inter Faculty Organization (IFO). He made his first appearance in Carver County District Court on Friday. In court, prosecutors said he had texted someone that he was 'excited to have his gun at the capitol and blow someone's effing face off'. The criminal complaint, seen by KARE11, prosecutors claim he also said that: 'After January 6, I bought a pistol. 'Today I bought 500 bullets. I can't wait to shoot one of you mother******* in the face,' he wrote. Officials said that a search of his home uncovered a firearm and he was placed under arrest. According to the Minnesota House GOP, the text was received by a constituent of Rep. Jim Nash who then reported it to the authorities. The outlet also reported that Bohn cried throughout his first appearance as Judge Eric Braaten set his bond at $1 million and ordered him to not contact the person he had text. Bohn was also ordered to stay at least a half a mile radius away from the Capitol complex. His attorney, John Lesch, said Bohn was engaged in a political argument when he made the comments. Lesch contended that the remarks were inappropriate but didn't mean to convey an actual intent to harm anyone. He told the court that Bohn had been angered by a post that had mocked two of his friends, Rep. Melissa Hortman and Sen. John Hoffman. Hortman was murdered last week alongside her husband Mark, while the same gunman also attempted to kill Hoffman and his wife. Authorities say Trump supporter Vance Boelter, 57, is responsible for the killings, he was arrested late on Sunday night following an extensive manhunt. Boelter was charged with a total of six federal counts - two for stalking, two for murder, and two for shooting and firearms offenses. He already faces state charges, including murder and attempted murder. In a statement, Bohn said: 'I condemn violence in all its forms, and I agree with the calls from public officials and community leaders to turn down the temperature of our political discourse. 'I failed to do that here. I am profoundly sorry that my words have created a distraction during this time of collective mourning. 'This moment demands unity, compassion, and reflection — and I am committed to being part of that healing.' In a bio on the IFO site, it says: 'In the halls of the Capitol, Jonathan is regarded as a well-connected advocate who has worked on a variety of issues leading to legislative victories.' State records say he has been registered as a lobbyist with the firm since 2015, and works in the area of higher education. The IFO is a union that represents thousands of faculty at the seven state universities in Minnesota. He has been placed on leave following the allegations. IFO President Jenna Chernega said in a statement: 'We are monitoring developments closely, cooperating as needed with law enforcement and will continue to keep our members informed. 'As an organization, we remain committed to respectful, values-driven engagement with lawmakers, community partners, and one another – even in difficult moments.' Federal Election Commission data also reveal he has donated Democrat PAC ActBlue numerous times, as well as the Hillary for America campaign.

The Independent

an hour ago

• The Independent

Wisconsin, NIL collective sue Miami, allege tampering and NIL inducements to land football player

The University of Wisconsin and its NIL collective VC Connect filed a joint lawsuit on Friday against the University of Miami alleging it knowingly induced one of the Badgers ' football players to abandon a lucrative name, image and likeness contract to play for the Florida this upcoming season. The 23-page suit, which was filed in state court in Wisconsin and obtained by The Associated Press, could have a a wider impact on future NIL deals across college athletics. The player in question in the filing is referred to only as 'Student-Athlete A." But the case summary describes facts that line up with the situation involving cornerback Xavier Lucas, who last December announced his plans to enter the transfer portal. Shortly afterward, Darren Heitner, who has been representing Lucas, indicated that Wisconsin was refusing to put Lucas' name in the portal and that it was hindering his ability to talk with other schools. In January, Heitner announced that Lucas would be playing for Miami this fall. The situation is fallout from the rapid changes engulfing college athletics, specifically a combination of two things: Athletes went to court and won the ability to transfer with much more freedom and the 2021 NCAA decision clearing the way for them to strike NIL endorsement deals now worth millions of dollars. That has changed the recruiting landscape and forced the issue of contracts and signed commitments to the fore. 'Indeed, student-athletes' newfound NIL rights will be rendered meaningless if third parties are allowed to induce student-athletes to abandon their contractual commitments,' a portion of the lawsuit reads. Wisconsin said in January that it had credible information that Miami and Lucas made impermissible contact with each other before the former Badgers cornerback decided to transfer. Wisconsin and VC Connect allege that the inducement for Lucas to attend Miami happened within days of him entering his NIL agreement to play for the Badgers, and that they incurred substantial monetary and reputational harm. The lawsuit seeks unspecified monetary damages and 'a declaration that Miami's conduct directed towards Student-Athlete A constituted tampering.' A message left with the University of Miami seeking comment was not immediately returned. In a text message Friday, Heitner declined to comment on the lawsuit but he said that Lucas still plans to attend Miami and play football. Wisconsin said it had the support of its leadership and the Big Ten Conference in filing the lawsuit, noting its commitment to "ensuring integrity and fundamental fairness in the evolving landscape of college athletics." 'While we reluctantly bring this case, we stand by our position that respecting and enforcing contractual obligations is essential to maintaining a level playing field,' the statement said. "In addition to our legal action, we will continue to be proactive to protect the interests of our student-athletes, our program and the broader collegiate athletics community. Lucas, who is from Pompano Beach, Florida, had 12 tackles, an interception and a sack as a freshman for Wisconsin last season. Heitner said that Lucas hasn't received any money from Wisconsin and therefore owes no money to the school. Heitner also argued that Wisconsin had violated an NCAA bylaw by not entering Lucas into the transfer database within two business days of the player's request. Wisconsin issued a statement at the time saying it hadn't put Lucas' name in the portal because he had entered a two-year binding NIL agreement. In April, the surprise transfers of brothers Nico and Madden Iamaleava from Tennessee to UCLA prompted fresh questions about contracts and buyouts. Nico Iamaleava, who led Tennessee to the College Football Playoff last season, walked away from a reported $2.4 million NIL contract. Arkansas freshman quarterback Madden Iamaleava entered the portal after spring practices wrapped up. Arkansas athletic director Hunter Yurachek released a statement indicating he would support efforts by the Razorbacks' NIL collective to enforce buyout clauses in athlete contracts. Iamaleava reportedly had a contract valued at $500,000 upon signing with Arkansas. ___

The Independent

an hour ago

• The Independent

ChatGPT use linked to cognitive decline, research reveals

Relying on the artificial intelligence chatbot ChatGPT to help you write an essay could be linked to cognitive decline, a new study reveals. Researchers at the Massachusetts Institute of Technology Media Lab studied the impact of ChatGPT on the brain by asking three groups of people to write an essay. One group relied on ChatGPT, one group relied on search engines, and one group had no outside resources at all. The researchers then monitored their brains using electroencephalography, a method which measures electrical activity. The team discovered that those who relied on ChatGPT — also known as a large language model — had the 'weakest' brain connectivity and remembered the least about their essays, highlighting potential concerns about cognitive decline in frequent users. 'Over four months, [large language model] users consistently underperformed at neural, linguistic, and behavioral levels,' the study reads. 'These results raise concerns about the long-term educational implications of [large language model] reliance and underscore the need for deeper inquiry into AI's role in learning.' The study also found that those who didn't use outside resources to write the essays had the 'strongest, most distributed networks.' While ChatGPT is 'efficient and convenient,' those who use it to write essays aren't 'integrat[ing] any of it' into their memory networks, lead author Nataliya Kosmyna told Time Magazine. Kosmyna said she's especially concerned about the impacts of ChatGPT on children whose brains are still developing. 'What really motivated me to put it out now before waiting for a full peer review is that I am afraid in 6-8 months, there will be some policymaker who decides, 'let's do GPT kindergarten,'' Kosmyna said. 'I think that would be absolutely bad and detrimental. Developing brains are at the highest risk.' But others, including President Donald Trump and members of his administration, aren't so worried about the impacts of ChatGPT on developing brains. Trump signed an executive order in April promoting the integration of AI into American schools. 'To ensure the United States remains a global leader in this technological revolution, we must provide our Nation's youth with opportunities to cultivate the skills and understanding necessary to use and create the next generation of AI technology,' the order reads. 'By fostering AI competency, we will equip our students with the foundational knowledge and skills necessary to adapt to and thrive in an increasingly digital society.' Kosmyna said her team is now working on another study comparing the brain activity of software engineers and programmers who use AI with those who don't. 'The results are even worse,' she told Time Magazine.