Netflix fans are being warned of a new phishing scam claiming to be from the popular streaming service.
With nearly 151 million users worldwide, Netflix is the #1 streaming service in the world. Scammers have targeted Netflix customers with a phishing email that has been designed to steal their personal and financial login details.
The fake emails include the subject line "Reminder: Update Payment Method" and a message which suggests there has been an issue with the recipient's subscription to the streaming company. The email states "We’re having some trouble with your current billing information. We’ll try again, but in the meantime, you may want to update your payment details."
It is then signed off by "Your friends at Netflix."
Although the scammers have cleverly incorporated Netflix branding and logo in the emails, the generic ‘Hi Dear’ greeting should act as a warning sign that this is not a legitimate email. The emails also have the display name of Netflix but the sender address is 'info.mailer.netflix.com'.
In order to create a sense of urgency, the recipient is prompted to click the ‘update account now’ button to activate their account. However, this button then directs unknowing victims to a Netflix branded account page which includes a form requesting their credit card information.
For cybercriminals, Netflix phishing is a profitable business. Netflix's substantial subscriber base offers a wealth of opportunities to access personal information. In Vade Secure's quarterly Phisher’s Favorites report for Q2 2019, Netflix was the 4th most impersonated brand in phishing attacks, with 8.2% quarter-over-quarter growth in Q2 2019.
Netflix also offers a unique opportunity to provoke victims as there is often anticipation surrounding the release of new shows in the months ahead of a premiere. This provides the perfect scenario for a cybercriminal to issue a phishing email that alerts subscribers that their accounts need to be updated to avoid cancellation.
This "technique" worked particularly well for phishers targeting HBO viewers in 2019. Over seventeen million viewers tuned into the season premiere of Game of Thrones last year. Around the same time, phishers lured Game of Thrones fans to phishing websites with the offer to stream the popular series. Many users provided personal and credit card information which would later be found for sale on the dark web. In another phishing scam, hackers impersonated HBO, claiming they had proof that victims had streamed the show illegally and asked for a copyright infringement payment.
Lately, phishing emails have become increasingly sophisticated and difficult to detect. However, there are a few key indicators to look out for which help to spot a phish.
Does the URL match the address displayed? Often phishing scams will display a suspicious URL address which includes a misspelling of the company name or incorporates an odd character or symbol.
If the email asks for personal information such as an account number, password, PIN or security questions, then approach with caution. A reputable company will never request these personal details in an email.
If you spot any spelling mistakes or poor grammar within an email, it is unlikely to have come from an official organisation and could indicate the presence of a phishing email.
If the email creates a sense of urgency and encourages you to act immediately, this may be a sign of a phishing scam. If you are unsure if the request is legitimate, contact the company directly via their official website or telephone number.
If an offer seems too good to be true, then it usually is! Be wary of emails that inform you that you have won a competition that you did not enter or that ask you to click on a link to claim a prize.
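Several of the indicators described in this article (a brand display name on an unrelated sender domain, the generic 'Hi Dear' greeting, the payment-update prompt, and a button that links away from the brand's own site) can be checked mechanically by a mail filter. The following Python code is an added example, not part of the original article; the sample message, its addresses and hosts, the function names and the choice of netflix.com as the expected domain are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the email described in the article.
# Addresses and hosts are invented (.example is a reserved TLD).
SAMPLE = """\
From: Netflix <info@mailer-billing.example>
Subject: Reminder: Update Payment Method
Content-Type: text/html

<p>Hi Dear,</p>
<p>We're having some trouble with your current billing information.</p>
<a href="http://account-update.example/login">update account now</a>
"""

class LinkHosts(HTMLParser):
    """Collect the hostname of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlparse(href).hostname or "").lower())

def in_domain(host, domain):
    # Exact match or a true subdomain; "netflix.com.evil.example" fails.
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw, brand="netflix", brand_domain="netflix.com"):
    # brand/brand_domain are assumptions supplied by whoever runs the check.
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    text = msg.get("Subject", "") + " " + body
    findings = []
    if brand in name.lower() and not in_domain(sender_host, brand_domain):
        findings.append("display-name-mismatch")
    if re.search(r"\bhi dear\b", body, re.I):
        findings.append("generic-greeting")
    if re.search(r"update (your )?(payment|account)", text, re.I):
        findings.append("payment-update-request")
    parser = LinkHosts()
    parser.feed(body)
    if any(h and not in_domain(h, brand_domain) for h in parser.hosts):
        findings.append("link-off-brand-domain")
    return findings
```

Any single finding is only a hint; a message that trips several of them at once, as the sample does, is the pattern the article describes.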
Our MetaPhish platform has been specifically designed to protect businesses like yours from phishing and ransomware attacks, providing the first line of defence in combating cyber-crime. Using an extensive range of templates, you can keep your staff safe from phishing scams through automated training that engages, educates and informs staff of phishing threats.