3-D Secure SMS-OTP Phishing
One of our remediation analysts Eli Trevino recently discovered a phishing page informing victims about fake Netflix service disruptions, supposedly due to problems with the victim’s payment method.
The phishing page prompts victims to provide their payment details to prevent account lockout:
What’s interesting about this phishing page is that it selectively targets victims within a specific geographic region: France. The attackers use French for the page content, and the country calling code is default set to 33 which is designated for calls made to France.