Thursday, October 13, 2011

Fake NetFlix Android App Hopes to Steal Your NetFlix Login

If you’re an Android smartphone user who’s looking to download the Netflix app that will allow you to watch movies on your phone, make sure you download the legitimate Netflix application!

Irfan Asrar posted on the Official Symantec Blog, warning Android users about an information-stealing Trojan, Android.Fakeneflic, often found lurking in fraudulent NetFlix applications whose main purpose is to steal your NetFlix login credentials.

The imitation NetFlix app closely resembles the real one, sporting a bright red background with the company logo on load.

However, once you try to log in to your NetFlix account by entering your email and password, you’re presented with a message saying that the app is incompatible with your phone’s hardware and that you should download a different version.

In reality, compatibility is not the issue. The crooks behind this app have already got what they wanted – your NetFlix login details!

While you were being told that your phone didn’t meet the requirements to stream NetFlix content, the username and password you entered had been uploaded and stored on the bad guy’s server.

Fake Android App vs. Real NetFlix App

Is there any way to tell the real NetFlix app from the fake one?


Based on the images provided in Symantec's report, there appear to be a few discrepancies between the login pages of the REAL NetFlix app and the fake one(s). Namely, the REAL NetFlix app has:

  • The text “Not a member? Visit Netflix.com to sign up.” below the email and password login fields.

  • A “Forgot your password?” option. (It makes sense the fake app can’t send you your password if it has no real ties to NetFlix!)


So if you download a NetFlix app, make sure it has the above options.

Also, make sure the author of the app is NetFlix, Inc., not some random third party.

What should you do if you think you downloaded the fake NetFlix app?


Change your NetFlix password IMMEDIATELY.

Thankfully the Trojan seems to lose interest once it’s stolen your NetFlix login, so you can continue about your merry way to download the legitimate NetFlix app without issue.

Of course, be sure to remove the fake app before doing so.

To read the report from Symantec, visit their Official Blog.
