
Scam of the Week: Subscribers Warned of Netflix Phishing Scam


Subscribers are being warned of a new Netflix phishing scam claiming to be from the popular streaming service. 

With nearly 151 million users worldwide, Netflix is the #1 streaming service in the world. Scammers have targeted Netflix customers with a phishing email that has been designed to steal their personal and financial login details. 

The fake emails include the subject line “Reminder: Update Payment Method” and a message suggesting there has been an issue with the recipient’s subscription to the streaming company. The email states: “We’re having some trouble with your current billing information. We’ll try again, but in the meantime, you may want to update your payment details.”


It is then signed off by “Your friends at Netflix.” 

Although the scammers have cleverly incorporated Netflix branding and logo in the emails, the generic ‘Hi Dear’ greeting should act as a warning sign that this is not a legitimate email. The emails also have the display name of Netflix but the sender address is ‘’. 

To create a sense of urgency, the recipient is prompted to click the ‘update account now’ button to activate their account. However, this button directs unsuspecting victims to a Netflix-branded account page which includes a form requesting their credit card information.


For cybercriminals, Netflix phishing scams are a profitable business. Netflix’s substantial subscriber base offers a wealth of opportunities to access personal information. In Vade Secure’s quarterly Phisher’s Favorites report for Q2 2019, Netflix was the 4th most impersonated brand in phishing attacks, with 8.2% quarter-over-quarter growth in Q2 2019.

Netflix also offers a unique opportunity to provoke victims as there is often anticipation surrounding the release of new shows in the months ahead of a premiere. This provides the perfect scenario for a cybercriminal to issue a phishing email that alerts subscribers that their accounts need to be updated to avoid cancellation.  

This “technique” worked particularly well for phishers targeting HBO viewers in 2019. Over seventeen million viewers tuned in to the season premiere of Game of Thrones last year. Around the same time, phishers lured Game of Thrones fans to phishing websites with the offer to stream the popular series. Many users provided personal and credit card information which would later be found for sale on the dark web. In another phishing scam, hackers impersonated HBO, claiming they had proof that victims had streamed the show illegally and asking for a copyright infringement payment.

Stay Safe from Netflix Phishing Scams 

Lately, phishing emails have become increasingly sophisticated and difficult to detect. However, there are a few key indicators to look out for which help to spot a phish. 


  • Check before you click 

Does the URL match the address displayed? Often phishing scams will display a suspicious URL address which includes a misspelling of the company name or incorporates an odd character or symbol. 

  • Requests personal information 

If the email asks for personal information such as an account number, password, PIN or security questions, then approach with caution. A reputable company will never request these personal details in an email.

  • Poor spelling and grammar 

If you spot any spelling mistakes or poor grammar within an email, it is unlikely to have come from an official organisation and could indicate the presence of a phishing email. 

  • Sense of urgency 

If the email creates a sense of urgency and encourages you to act immediately, this may be a sign of a phishing scam. If you are unsure whether the request is legitimate, contact the company directly via their official website or telephone number.

  • Unexpected correspondence 

If an offer seems too good to be true, then it usually is! Be wary of emails that inform you that you have won a competition that you did not enter or that ask you to click on a link to claim a prize.

Protection against Phishing 

Our MetaPhish platform has been specifically designed to protect businesses like yours from phishing and ransomware attacks, providing the first line of defence in combating cyber-crime. Using an extensive range of templates, you can keep your staff safe from phishing scams through automated training that engages, educates and informs staff of phishing threats. 
