

Watch out for this Netflix “tech support” scam - debugunit
http://arstechnica.com/security/2014/03/watch-out-for-this-netflix-tech-support-scam/

======
codezero
Original post: [http://blog.malwarebytes.org/fraud-scam/2014/02/netflix-
phis...](http://blog.malwarebytes.org/fraud-scam/2014/02/netflix-phishing-
scam-leads-to-fake-microsoft-tech-support/)

------
suprgeek
1-800-947-6570 seems to be the toll-free number used for this scam - something
to note down.

Also, check out the hilarious "Foreign IP Tracer" output IP addresses:

192.168.10.1 Serbia

281.179.1.23 Russia

------
reznikvova
"The scammers, usually located in India, are not native English speakers, "

Why India? It says they are Russian. It puts Indian Hackers in such bad light.
And I'm Russian

~~~
himal
You might wanna read this [http://blog.malwarebytes.org/fraud-
scam/2014/02/netflix-phis...](http://blog.malwarebytes.org/fraud-
scam/2014/02/netflix-phishing-scam-leads-to-fake-microsoft-tech-
support/#comment-6556)

Edit:You might wanna scroll up a bit becasue the site header is blocking the
comment.

------
sergiotapia
"watch out" is kind of an overstatement though. As soon as I read "hold up
your id" to confirm it's you it was immediately clear it was a scam.

Companies you do business with do not ask for your personal information -
since you already gave it!

Your ISP isn't going to call you and say, "Say Mr. X to confirm your
identitity give us your social security number and your credit card number +
ccv code".

~~~
CanSpice
I seem to recall that when I called my US bank, they would ask me for the last
three or four digits of my SSN to confirm I am who I am. My bank in Canada
always asks me for my birthdate.

Yes, companies you do business with do ask for your personal information.
While you definitely shouldn't give out your personal information to someone
who calls you, it's common-place to have to give your personal information to
a business that you have called.

In this case, the person received an email saying "please call this number".
Legitimate businesses do this as well (I got one from my bank:
[http://canspice.org/2013/06/06/cibc-credit-card-fraud-
depart...](http://canspice.org/2013/06/06/cibc-credit-card-fraud-department-
youre-doing-it-wrong/)).

------
zacinbusiness
I'm confused. How did the guy make it to the fake landing page? Was it from an
email?

~~~
himal
From the author's comment on the original article[1]

"This link could very well have been sent as spam or through a rogue ad.
That’s not how I discovered it though. The phone number used in this scam
matched one that I had tracked previously. It’s only after (by going to the
root of that domain which was not protected) that I discovered that there was
also a phishing scam in there."

[1].[http://blog.malwarebytes.org/fraud-scam/2014/02/netflix-
phis...](http://blog.malwarebytes.org/fraud-scam/2014/02/netflix-phishing-
scam-leads-to-fake-microsoft-tech-support/#comment-6554) _You might wanna
scroll up a bit becasue the site header is blocking the comment._

