What is the issue - Office 365 Threat Research team observed two new active phishing campaigns targeting Netflix and American Express (AMEX) users.
“Two massive, still-active phishing campaigns targeting Netflix and AMEX emerged over the weekend, the Office 365 Threat Research team has discovered. Machine learning and detonation-based protections in Office 365 ATP protect customers both campaigns,” Windows Defender Security Intelligence tweeted.
Why it matters - These campaigns aim to steal users’ personal information, payment card details, login credentials, and social security information.
Netflix phishing campaign
“Netflix was unable to collect a payment because of one of the following reasons:
To resolve the issue, update your payment method. Download form attached to this email and follow the instructions. Once your payment information has been updated, you can continue enjoying Netflix. If you’re having trouble updating your payment information, you may want to reach out to your card issuer to ensure the card information is up to date or try an alternate method of payment. Netflix will also automatically retry the failed payment periodically over the course of your billing cycle to help you get back to enjoying the service,” the email read.
AMEX phishing campaign
“We are reaching you on a recent update on your online service platform and we feel the need to evaluate Cardmember’s profile. At the moment of evaluation, your profile couldn't be authenticated during diligence checks. However, For security reason, We declined access to card member’s profile and request that you confirm what we have on records for you. Attached along this message is a web fillable form. Complete request by downloading and filling out the form,” the email read.
“The AMEX campaign uses a generic “Notice Concerning your CardMember Account” message and asks for multiple personal and credit card info, but interestingly also asks for email address and password,” Windows Defender Security Intelligence tweeted.