Have you recently noticed some weird suggestions on your Netflix account? Have you seen a new user under your account that you have no idea how it got there? Well, chances are one of two things could have happened — the first is that one of your family members is messing with you. The second, and more nefarious one is that your account has been compromised and has been sold on the Dark Web.
So if you haven’t shared your Netflix login with your family (and even if you have), you should read on. Last week, it was reported that hackers have recently taken advantage of Netflix’ policy of allowing users share their login credentials with friends and family. While this feature is good for helping out a struggling college-aged sibling, it is something that scammers can use to make a buck off of users who might not even notice something is awry.
On one hand, given Netflix policy, this might seem like a victimless crime — since they are inviting folks to share their account with people and Reed Hastings, CEO of Netflix, has noted that he doesn’t consider sharing passwords a problem. While that sounds good, the hackers are also selling accounts for as low as 50 cents, meaning that if your account was compromised, someone is making some scratch off of something you paid for.
— Kaspersky Lab (@kaspersky) November 26, 2015
So now what?
If you are curious to see if you have been compromised, there are a few things that you can do.
Perhaps the easiest is to visit haveibeenpwned.com, the site will allow you to check if your email or username has been compromised in a data breach. You can also look at your recently watched natively. If you see something off, or a new user created, you’ve been compromised.
If you’re one of the many impacted by this breach, you are not alone and the fix is not too hard. Simply log into your account and select log out of all devices and then change your password.
One thing that you should keep in mind should you be included in this breach. If you reuse the password for your Netflix account, you should change it on your other accounts that use that password as well as it could give the bad guys access to a more sensitive account that you hold — your primary email, banking, Facebook, etc.
— Kaspersky Lab (@kaspersky) December 1, 2015
If you have trouble memorising complex passwords, you can follow these tips from David Jacoby of our GReAT team. You can also use a password managing tool, like Kaspersky Password Manager to create reliable passwords and manage them safely.