Blog | Vade

3 Ways Cybercriminals Hack into Netflix Accounts

Written by Adrien Gendre | August 15, 2019

Today’s Internet users aren’t the surfers of the past: we are consumers, and hackers understand this. When one person is shopping on Amazon, another is shopping on Alibaba or eBay. When one person is watching the new popular series on Amazon Prime, another person is doing the same on Netflix. There are now a multitude of on-demand services, and Netflix is one of the most popular, with more than 148 million subscribers globally.

But the streaming platform’s strong growth has been accompanied by an uptick in hacking and all kinds of scams. The graphic below, from Vade’s Phishers’ Favorites report, shows the growth of Netflix phishing in Q1 2019 alone. In Q2 of 2019, Netflix came in at #4 on the list of the top brands in phishing attacks.

User accounts on this type of online platform carry high value on the net’s hidden black markets, where several hundred thousand accounts are available for sale. Hulu, HBO Now, DirecTV, Spotify Premium, Brazzers, Pornhub, CBS, NBC, and of course Netflix are just a handful of the brands whose pirated accounts sell for between $1.50 and $3.00 apiece on the black market.

But how do hackers hack into an account? Being informed is a first step in learning to protect yourself. 

1. Well-executed Phishing Campaigns

Netflix is one of the most spoofed brands in the world for phishing attacks. Email spoofing means that the email impersonates the brand. The email is designed to get the recipient to take action: click a link that delivers malware, pay an invoice online, enter account credentials, or enter bank account information. According to our Phishers’ Favorites Q2 2019 report, Netflix phishing emails are most common on Mondays and Wednesdays.

Not all phishing pages have the same purpose. Some spoof the account creation and payment page, while others spoof the account login page.

[Image: the account creation page]

[Image: the login page]

Hackers also create email campaigns that use the company's email template to promote the release of a new season of a popular show. It’s also common for Netflix users to receive a phishing email asking them to reactivate their account or update their payment details. Cybercriminals often include legitimate Netflix links (up to seven in each email) in an attempt to get past both email security filters and end users.
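The padding pattern described above can be checked mechanically. The following is an added example, not code from Vade or from the original article: it extracts every link from an HTML email body and flags messages in which genuine brand links surround at least one link that leaves the brand's domain. The `BRAND_DOMAINS` set, the function names and the sample bodies are assumptions constructed for illustration, and the result is a heuristic signal, not a verdict.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAINS = {"netflix.com"}  # assumption: domains treated as the brand's own

class LinkCollector(HTMLParser):
    """Collect the href of every <a> element in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def is_brand_host(host):
    # Exact match or true subdomain only, so "netflix.com.evil.example" fails.
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def analyze(html):
    """Count brand links and list web links that leave the brand's domains."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    brand, foreign = 0, []
    for href in parser.hrefs:
        try:
            url = urlsplit(href.strip())
        except ValueError:          # malformed URL: treat as foreign
            foreign.append(href)
            continue
        if url.scheme not in ("http", "https"):
            continue                # skip mailto:, tel:, in-page anchors
        if is_brand_host(url.hostname):
            brand += 1
        else:
            foreign.append(href)
    # Heuristic: genuine brand links padding at least one off-brand link.
    return {"brand_links": brand, "foreign_links": foreign,
            "suspicious": brand > 0 and bool(foreign)}

# Constructed sample bodies (not real emails).
LEGIT = "".join(f'<a href="https://www.netflix.com/{p}">{p}</a>'
                for p in ("browse", "help", "privacy", "terms", "account", "jobs", "contact"))
PHISH = LEGIT + '<a href="https://netflix.com.billing-update.example/login">Update payment</a>'

if __name__ == "__main__":
    print(analyze(PHISH))
```

Genuine marketing mail can also link to third-party domains, so a hit here is a reason to inspect the off-brand link, not proof of phishing.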

2. Telephone Service Provider Accounts

The second most common way to hack Netflix is to create an account through a phone service provider. Few consumers know this, but it is now possible to create an account through your phone service provider. In the "subscription options", it’s possible to find a "partner," including third-party on-demand services.

By hacking into such a provider account, an attacker can subscribe to a third-party service. This scam works because an increase of a few dollars per month often goes unnoticed by a family that has subscribed to telephone and Internet service with the same provider.

That’s why it’s so important to check your statement regularly.

3. Open Accounts in Hotels and Airbnbs

Today, the major video-on-demand services are integrated natively into connected TV sets. It’s not uncommon to find this type of TV in a hotel or an Airbnb rental. A common mistake is to forget to disconnect your account before leaving the location. It’s often possible to find forgotten accounts on this type of equipment, which gives hackers access to the unsuspecting user’s email and phone number.

So before leaving, it’s critical to disconnect your account from the TV set.

What should you do if your account is hacked?

When an account is hacked, you should contact Netflix. If you can still access the account, the "Disconnect all devices" option in Settings lets you disconnect all devices currently using the account. Then simply change the password. Additionally, you should change your passwords for all other online accounts. Finally, Netflix provides tips for users who receive suspicious emails regarding their service.