There is a new phishing scheme currently circulating on the Internet. Its objective is not just to steal your money but your identity as well.
When you get a fraudulent alert from a bank, a department store or other company you do business with via email, pop-up or text message, it is considered phishing. They fish for your personal information, usually financial, in the hopes you will be intimidated into giving up that sensitive information. This time around though, they just take it without asking.
The latest cyberscam being circulated was discovered last week by a technician at Malwarebytes. It genuinely appears to be from the online movie provider Netflix, but in fact is not. Don’t be so quick to comply should you have a Netflix account and are the recipient of one of those menacing messages.
You are informed that you have violated their terms of service agreement and that your account has been temporarily suspended. They offer to take a look at your computer system with your permission. You are then supposedly switched from customer service to a Netflix tech support operator and sometimes they may even say you are being redirected to a Microsoft technician. But don’t be fooled; you are only talking to a thief.
The dubious error message that is generated on your alert (ERR 19902881811) is the same for everybody that gets it, with the phone number just as bogus.
It turns out the number you dial (800-947-6570), is not a hotline. In fact, it is a call center in India and has nothing to do with either Netflix or Microsoft. These misleading reprobates are not interested in helping you, just themselves — to your money.
Their techs will say in order to release your account, they will have to first repair your system. This, of course, comes with the purchase of a downloaded utility and attempt to sell you other products from a better firewall, to a BOGO multiyear extension to your Netflix account. Don’t believe it.
Even if they say that it is legitimate and they remind you that they didn’t call you, that you could trust them because you called them, don’t fall for it. It is a sham.
While the agents are supposedly scouring your system for errors, they’re actually in quest of your financial data, specifically your banking account info and your passwords. They will run a few fake utilities, put on a dog-and-pony show and mislead you to believe they actually fixed your system.
They may even ask you to verify your identity by holding up your driver’s license and a credit card to the webcam they turned on, just in case you don’t buy anything. Then they’ll have your full name, date of birth, address, license number and credit card info along with a photo of you.
If you do decide to make a purchase, it could be a charge for $400 for their so-called services. Caveat emptor!
Even if you manage to get your bank to cancel the charge, they got away with stealing your identity. While you have your bank on the phone, they’ll be setting up a new credit card account with your info at their bank.
You can be sure that if you get one of these alerts, you have been targeted by these nefarious schemers. To prove it to yourself, always Google a phone number you are given. You’ll find this one has nothing to do with Netflix.
You could also hover — don’t click — on the link for “secure chat” or the link to their email address. By doing this you should see (in a pop-up balloon) that the results are the true address and that it has nothing to do with Netflix.
If they end in the suffix “.in,” they are from India (.it from Italy, .us from the U.S., etc). I’ve even seen some with Yahoo addresses. Anyone that you have an account with will have a domain with their company’s name at the end. It can still be fraudulent even if it says service.Netflix.in.com. Don’t be fooled. Anybody can put anything in a domain name. Watch the suffix to see if it is genuine.
Should you get an alert from a bank you happen to do business with, it’s best to call the number on the back of your credit card as opposed to the one in the alert, just to be safe. Never give out sensitive information to someone that phones you, no matter how legitimate it may appear.
Often, if you request a call-back number from someone who solicits you, they will just hang up on you, proving it was a scam.
Don’t be duped by these parasitical cyber crooks. If you’re subject to this Netflix scam, refuse to give them any information; better yet, don’t click on any links and don’t call them. Remember, it is not Netflix. All you will get in return is a huge charge to your credit card, the potential cleaning of your checking account and the theft of your identity.
Arthur Glazer is a freelance writer and computer technician in Gainesville. His column appears biweekly on the Business page and on gainesvilletimes.com.