{"id":4944,"date":"2014-03-04T10:00:42","date_gmt":"2014-03-04T15:00:42","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=4944"},"modified":"2014-03-04T10:00:42","modified_gmt":"2014-03-04T15:00:42","slug":"watch-out-for-this-netflix-tech-support-scam","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/03\/04\/watch-out-for-this-netflix-tech-support-scam\/","title":{"rendered":"Watch out for this Netflix \u201ctech support\u201d scam"},"content":{"rendered":"<span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/p_cFww5rfek?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\"><\/iframe><\/span>\n<p>Jerome Segura has been tracking tech support scams for a year, documenting the ploys he&#8217;s encountered. But even this one found him unprepared.<\/p>\n<p>&#8220;Combining a phishing scam with a fake tech support call center is something that I&#8217;d never seen before,&#8221; the Malwarebytes senior security researcher told Wired.co.uk. A video of the find shows Segura trying to enter a fake Netflix login on the streaming service&#8217;s homepage, only to be presented with a notice telling him the account has been suspended, and telling him to call a fake tech support number.<\/p>\n<p>He dutifully called up and was asked to download &#8220;Netflix Support Software&#8221;\u2014really the remote control software TeamViewer, which allowed the scammer access to his system. Once he had hopped on, the hacker told Segura he&#8217;d been hacked. In fact, the scammer said he&#8217;d been hacked nine times, with one coming from Serbia, four from Russia, three from China, and one from Italy. It&#8217;s all part of a tactic to instill fear and get the user to comply, explains Segura. Like when the helpful voice on the other end of the phone showed him a scan of apparent hacker activity\u2014which was really just custom-made Windows batch script.<\/p>\n<p>&#8220;By running their own tool, which looks authentic, the crooks can detect &#8216;problems&#8217; that do not exist,&#8221; says Segura. &#8220;Finally, showing those scan results adds to the fear factor, as well as creating a sense of urgency to fix the issue.&#8221;<\/p>\n<p>As well as scraping plenty of personal information from Segura&#8217;s system, including a file named &#8220;banking 2013,&#8221; the scammers continued by attempting to secure a payment of $389.97 (with a generous $50 Netflix discount) for Microsoft support to fix the problem. (He was repeatedly told that the problem happened because his security software is not up to scratch).<\/p>\n<p>Then comes a little &#8220;fixing&#8221; after the call is passed on to a technician. This time, it&#8217;s designed to induce the victim&#8217;s comfort\u2014&#8221;I can also see that these hackers were trying to access some of your personal information like documents and pictures. Do you have any pictures?&#8221; asked the helpful hacker, before proceeding to recover them for him.<\/p>\n<p>Perhaps the most bizarre and unusual part, the &#8220;Microsoft technician&#8221; asked Segura to hold up a photo ID with his credit card information, because they are doing the transaction over the Internet and Microsoft wants to make sure he&#8217;s the cardholder.<\/p>\n<p>&#8220;The Neftlix theme was well thought out\u2014from the suspended account ploy to the discount coupon if you agree to fix the issue, the bad guys have planned their approach in detail,&#8221; Segura tells us. &#8220;Requesting a photo ID, as well as a snapshot of my credit card, was completely novel too. Despite being the untrustworthy ones, it is ironic they are trying to make sure the mark is not playing them. Aside from the fact that it is creepy, it creates a huge identity theft risk.&#8221;<\/p>\n<p>Although this particular investigation took place in the US, Segura says it will &#8220;most likely&#8221; also affect users in the UK, Canada, Australia, and New Zealand.<\/p>\n<p>&#8220;The scammers, usually located in India, are not native English speakers, but it is one of the idioms they know and are comfortable with.&#8221; Segura tracked the scammers, and they were indeed located in India. &#8220;This scam seems relatively fresh; at least the domain they used was registered and updated recently,&#8221; he adds in a blog post on the investigation.<\/p>\n<p>But how often does a scam like this really work? Surely most people&#8217;s natural suspicions would be piqued way before they&#8217;re asked for a photo of their ID. Surprisingly, says Segura, this is not the case.<\/p>\n<p>&#8220;Anyone could fall for these scams, although certain people are more vulnerable. The older generations that did not grow up with computers are more susceptible to be social-engineered. The argument about hackers infiltrating your computer is more likely to be won with someone unfamiliar with such technology. Availability is another important factor here. People that work from home or spend the majority of their time at home are often targeted simply because most calls will happen during business hours, when other people will be out working.&#8221;<\/p>\n<p>Unlike with the Microsoft support call scam Segura uncovered last year, the scammers were generally cordial (&#8220;bye asshole&#8221; one &#8220;technician&#8221; signed off the last time around after Segura entered the wrong banking details). But he did not confront them.<\/p>\n<p>&#8220;I&#8217;ve learned early on that trying to expose them on the phone is a pointless exercise resulting in a spiral of denial. My goal is to play along, collect as much information as I can while remaining polite in order to build a case against them. They gave themselves away many times, but that&#8217;s just because I know enough not to be caught off guard.&#8221;<\/p>\n<p>via <a href=\"http:\/\/arstechnica.com\/security\/2014\/03\/watch-out-for-this-netflix-tech-support-scam\/\" target=\"_blank\">Watch out for this Netflix \u201ctech support\u201d scam | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jerome Segura has been tracking tech support scams for a year, documenting the ploys he&#8217;s encountered. But even this one [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,8],"tags":[740,939],"class_list":["post-4944","post","type-post","status-publish","format-standard","hentry","category-security","category-social-media","tag-netflix","tag-scam"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1hK","jetpack-related-posts":[{"id":8920,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/05\/17\/8920\/","url_meta":{"origin":4944,"position":0},"title":"Tech support scammers now utilizing ransomware-like lock screens to threaten people","author":"NCCT","date":"May 17, 2016","format":false,"excerpt":"By Justin Luna | Neowin Some of us may be very well aware of the classic tech support scam stories, where a man randomly calls people, and informs them that they are from \"Windows company\" and that the call recipient's computer has been detected full of viruses. These cold callers\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9162,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/05\/01\/this-week-in-tech-612-sky-pirates-of-silicon-valley\/","url_meta":{"origin":4944,"position":1},"title":"This Week in Tech 612: Sky Pirates of Silicon Valley","author":"NCCT","date":"May 1, 2017","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?v=quCSMNQI-5U&feature=player_detailpage Apple slashes affiliate commissions and stops paying Qualcomm royalties. Google's founders each have their own flying contraptions in the works. Amazon's new Echo Look wants pictures of your clothes. Uber wants all of your data. WikiTribune wants to fight fake news. Hackers just want money from Netflix. The Juicero\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/quCSMNQI-5U\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":6032,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/22\/this-week-in-tech-467-netflix-thinks-im-a-bronie\/","url_meta":{"origin":4944,"position":2},"title":"This Week in Tech 467: Netflix Thinks I&#8217;m a Bronie","author":"NCCT","date":"July 22, 2014","format":false,"excerpt":"Hosts: Leo Laporte, Dan Gillmor, and Ben Thompson Microsoft's cloudy future, the Comcast call heard around the world, Amazon testing ebook subscription service \"Kindle Unlimited,\" and more.","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9516,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/03\/to-the-woodshed-with-you-this-week-in-tech-704\/","url_meta":{"origin":4944,"position":3},"title":"To the Woodshed With You! &#8211; This Week in Tech 704","author":"NCCT","date":"February 3, 2019","format":false,"excerpt":"https:\/\/youtu.be\/14UX3TQ0K3Q FaceTime Flaw, Apple Spanks Facebook and Google, Huawei Suspicions, FBI Wants Your DNA, and more. \u2022 How to Watch the Superbowl Commercials Without All That Annoying Football \u2022 Apple's Not So Horrible Quarterly Earnings \u2022 Facetime Flaw Dulls Apple's Privacy Shine \u2022 Apple Spanks Facebook and Google for Data\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/14UX3TQ0K3Q\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9127,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/03\/24\/this-week-in-tech-606-my-youtube-cover-band\/","url_meta":{"origin":4944,"position":4},"title":"This Week in Tech 606: My YouTube Cover Band","author":"NCCT","date":"March 24, 2017","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?feature=player_detailpage&v=TbSN70U4mWY Uber's President quits, saying that the job was not what he signed on for. Orson Wells' \"new\" movie comes to Netflix. How to make money in the new music industry. Pwn2Own winners do the impossible hack. Is your vibrator tracking you? All this, and growing human flesh on robots\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/TbSN70U4mWY\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9250,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/10\/22\/this-week-in-tech-637-11-verified-herbs-and-spices\/","url_meta":{"origin":4944,"position":5},"title":"This Week in Tech 637: 11 Verified Herbs and Spices","author":"NCCT","date":"October 22, 2017","format":false,"excerpt":"https:\/\/youtu.be\/BVi0f9LRk58 Pixel 2 first look. Apple innovation. Twitter will end hate speech next week. Bixby in the kitchen, Cortana in the living room. KRACK is bad, ROCA is worse. Netflix will spend $8 million on original content. Magic Leap gets another $500 million.","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/BVi0f9LRk58\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=4944"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4944\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=4944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=4944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=4944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}