Alert: Watch Out for a Password Hijacking Virus

Jim ShimabukuroBy Jim Shimabukuro

Updated 12/18/15

To log in to my Netflix account, I normally don’t need to key in more than the first letter of my email address since I’ve authorized my browser to remember my username and password.

However, about an hour ago, when I tried to log in to Netflix via Internet Explorer, a slightly different pop-up appeared. It asked for my username and password as usual, but when I began to type, it didn’t remember my full name/password. Also, it continued to reject the ones I typed in as errors. After several attempts, I realized that this was not the usual Netflix sign-in page.

It was similar yet oddly different. Suspecting that this might have been a password hijacking virus, I immediately logged out and logged back in to Netflix via Firefox, making sure that I used the correct sign-in page. Once in, I changed my Netflix password.

My browser of choice is Firefox, but I had decided to use IE because of some script-handling problems in Firefox. I don’t recall an experience exactly like this in Firefox. 

I’m not certain that this was a virus, but it seemed to be. I don’t remember the name of the pop-up, which appeared in the page tab, but it sounded fishy.

I’m also not sure if this is an IE or Netflix problem.

The one thing I’m sure of is that I — we — need to be careful when logging in to our various accounts. I know that I’m guilty of doing it as quickly as possible, without thinking.

Perhaps the most important precaution is to make doubly sure that the pop-up login page or window is actually from the site that you’re entering and not from a hijacker. If the pop-up feels even slightly different or strange, if it doesn’t remember your username/password, and if it rejects the ones that you enter, then be on the alert.

Take immediate precautions by changing your password for the site in question as well as other sites that might be hacked via the stolen username/password.

Finally, this happened with Netflix, but it could happen with pretty much any site that you frequent with a password.

Another step may be to report the problem to the site or browser administrators, but they’re usually so well insulated from uninvited contact that figuring out how to contact them is a major obstacle. Also, even when you do get through to someone, there’s no telling what they’ll do — if anything — with the information.

At my university, I received an irritated reply from the IT staff when I tried to report a possible phishing scam in our email system. They’re probably inundated with similar reports and don’t have the patience to deal with unsolicited reports.

Thus, I’ve decided to share this alert here, in this post, hoping that it makes you, the reader, a bit more cautious when logging in to your secure accounts.

If you’ve experienced similar hijacking problems, real or suspected, please share them with us in the discussion section below.

claude80Update 12/18/15: Received an email from Claude Almansi re an article she wrote in 2009, “OT Phishing Scam via Twitter,” in which she warns of phishing scams via email. Her caveat is still relevant today: Be extremely cautious about responding to emailed requests for personal information, especially usernames and passwords. And by all means, never send your credit card information via emailed requests or links. In cases where you need to submit credit card info, don’t do it through the emailed link. Instead, log out of your email account and log in to the official site of the business that you’re dealing with. It pays to make caution a habit in online transactions.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: