Legit or Not?


In this exercise you learn how to spot a suspicious domain while learning the characteristics of a legitimate domain. You will examine two different domains, one will be legitimate, and the other is an actual phishing domain. The two domains are assets.nflxext.com and groupsnetflixpay.com.


Objective 1: Which domain appears to be phishing?

Objective 2: Are there any other related Netflix web pages associated with this infrastructure?

Objective 3: Does this appear to be related to a larger phishing attack beyond Netflix?


First search: Perform a search for the domain assets.nflxext.com.

Second search: Perform a search for the domain groupsnetflixpay.com

Step by Step Video