Beware of this Netflix Email Scam
A new scam email targeting Netflix subscribers is making the rounds and it looks pretty convincing. The email threatens users with the suspension of their Netflix account if they do not follow a bogus link to update their account information.
The email’s title of “Your suspension notification” is designed to inspire enough fear so you take action without questioning the email too much. The email itself is well-designed, looks like something that could be from Netflix, and is personalized to show the name of the intended victim. It even adheres to security information on Netflix’s website as Netflix states they may email you to update your information with a link to their website.
The body of the email tells the recipient their Netflix billing information has been invalidated and urges them to update their details on the website via links in the email. The links go to a fake Netflix website, which, again, looks quite convincing. The sign in page looks identical to Netflix’s current sign in page. Victims are asked to log in and then update a variety of personal information including credit card number, address, mother’s maiden name, and driver’s license number. After submitting all of the information, a reassuring ‘reactivation’ page is shown and your sensitive information is now in the thieves’ hands.
Remember these tips for spotting scam emails:
As many as 91% of cyber attacks start with scam emails, otherwise known as phishing. Phishing emails are designed to lure users into clicking fake links, opening malicious attachments, or disclosing sensitive information. Ask yourself these questions:
- Do I know or recognize the sender? No? Then look at the email with more care and doubt. Yes? Then double check to make sure the sender’s email address is completely correct. Don’t trust the display name.
- Is it asking for personal information? If yes, be wary. Legitimate banks and most other companies would not ask for this information via email
- Are there glaring grammar or spelling errors? Major spelling mistakes or poor grammar should be a red flag.
- Is there urgent or threatening language? Language that inspires fear or a sense of urgency like the fake Netflix email’s ‘Your suspension notification’ is a common phishing tactic.
- Is there an attachment in the email? If there is and it is something you were not expecting from a relatively unknown source, do NOT click it.
- Is there a link in the email? If yes, hover your mouse over any links and look at the web address. If it looks weird, is an unfamiliar address, or is an abbreviated URL like a Bitly address, do not click it. The web address in the Netflix email was not to Netflix, which is a huge red flag.
Always look closely at emails asking you to update your account or billing information, especially if it is unexpected. The Netflix phishing email only hit three of the phishing characteristics, but is undoubtedly a malicious email.