Fraudulent Netflix site wants to leave you high and dry

August 29, 2014

We’ve seen countless fake pages purporting to be a bank or a popular shopping site that ask you for personal information.

This type of scam is called phishing and typically starts with an urgent-looking message in your inbox. Upon following the directions (typically clicking on a link), you’re taken to a page that looks like an exact replica of the genuine company.

Eric Lawrence, creator of the famous Fiddler web debugger, spotted a phishing attack targeting Netflix customers. Readers of this blog may remember a similar one we identified several months ago.

This new one is more sophisticated (better graphics, etc.). It does not have the tech support scam element; instead, it goes after your identity and wallet.

The bogus domain (IP address: was registered a few days ago through the “Crazy Domains FZ-LLC” registrar.


The information requested on the phishing page includes name, address and credit card details. It’s sent back to the bad guys’ server with multiple POST requests such as the one below:



Note the clever use of a long URL that resembles the genuine one and that may be particularly effective on mobile devices:


We are reporting this site to the registrar and hosting company so that it can be taken down as soon as possible.

Phishing scams are always getting more elaborate and are unfortunately very hard to block because they keep popping up on new domains, registrars, etc., truly making this a cat and mouse game between crooks and the security community.

While many web browsers (Internet Explorer, Google Chrome, Mozilla Firefox) do have anti-phishing technology that blocks access to fraudulent sites, there often is a bit of a lag between the time a new site comes up and when it gets blacklisted.

The best defence against these scams is awareness and suspicion of any email purporting to be from a company you deal with.

There are some telltale signs to recognize phishing attacks such as poor grammar, spelling mistakes or obviously unrelated URLs as well as a general ‘urgency’ in the tone of the message.
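The long-URL trick described above can be checked mechanically by comparing where a brand name appears in a URL with the domain that is actually registered. The following is an added example, not code from the original post; the brand list, the short suffix table (a stand-in for the Public Suffix List), the 30-character address bar width and the `.example` sample URLs are all constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the brand to protect and the registrable domains it really uses.
BRANDS = {"netflix": {"netflix.com"}}
# Assumption: tiny stand-in for the Public Suffix List, enough for the samples.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "com.br"}
# Assumption: a narrow address bar that shows only the first 30 host characters.
BAR_WIDTH = 30


def registrable_domain(host):
    """Return the registered part of a hostname (public suffix plus one label)."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def check_url(url):
    """Return finding codes for a brand name used outside the brand's own domains."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    reg = registrable_domain(host)
    sub = host[: len(host) - len(reg)]  # everything left of the registered domain
    findings = []
    for brand, legit in BRANDS.items():
        if reg in legit:
            continue  # genuine site: the brand name is expected here
        if brand in sub:
            findings.append("brand-in-subdomain")
            if len(sub) >= BAR_WIDTH:
                # The registered domain starts past what a narrow bar displays.
                findings.append("real-domain-offscreen")
        if brand in reg:
            findings.append("brand-in-lookalike-domain")
        if brand in (parts.path + "?" + parts.query).lower():
            findings.append("brand-in-path")
    return findings


if __name__ == "__main__":
    # Constructed sample URLs (reserved .example names), not taken from the page.
    for sample in (
        "https://www.netflix.com/Login",
        "http://www.netflix.com.signin.account-update.billing-check.example/Login",
        "http://netflix-billing.example/update",
    ):
        print(sample, "->", check_url(sample) or "ok")
```

A production check would use the full Public Suffix List for `registrable_domain`, since the two-label fallback misjudges suffixes that are not in the small table.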



  • The only T

    They will never give up….

    The best thing is to never click on a link in an email

  • Iona Erofeeff

    Or to right-click on the link, and select “Copy Link Location.” Then, paste it into word, your URL bar, or really any place you can paste it. Finally, you will see if the link is authentic. (Of course, if it isn’t, don’t follow the link.) Scammers use the ability to put any text to a link to their advantage.

  • Ben Drinkwater

    I do have a way to defeat the scammers: just open up a new tab and go to the website the email was telling you by typing it in, and then do what the email told you to do.

  • Zee Flynn

    Moral of the story? What on earth are you using lame Netflix for in the first place? There are substantially better services, offering a great deal more and a fraction to none of the price.

  • Eric Mazzi

    Why do you think your programs are exempt? They are just as much of a target; there is no sacred ground here.

  • Thom J Greco

    The domain registration is a dead giveaway

  • Louie Guertin

    Monsieur, not everyone is zee Flynn.

  • Sydney

    What do you use?

  • Ograf

    Name one such service ?

  • Jay P.

    Please share these “better services” for us then.

  • ShinGokuraku

    “This is so simple even a liberal can do it.”
    “(this part is probably too difficult for a liberal)”
    Your condescending attitude toward people who think differently than you is sad. I’m sorry to say that to you. However, your advice is very sound and quite good! (even though it’s basic advice.)

  • Julie A. Dwight

    What I do is this: I hover my mouse over the link and read what it says in the bottom left corner. Also, last week, my friend’s name (exactly first and last name) showed up in my spam folder. I thought that was strange so I hovered my mouse over her name and it wasn’t her email address. It was some address I’d never seen before. So I told her (didn’t click anything within the email) and deleted it.
