The U.S. Federal Trade Commission has issued a warning about a new global Netflix phishing scam that attempts to fool Netflix subscribers into disclosing their account credentials and payment information. The scam uses a tried and tested tactic to obtain that information: the threat of account closure because the payment information on file is out of date.
Users are sent a message asking them to update their payment details because Netflix has supposedly experienced problems obtaining the monthly subscription payment. The message provides an “Update Account Now” button that the user can click to enter their correct banking/card information. However, clicking the button does not take the user to the official Netflix site; instead, it leads to a web page on a site controlled by the scammer, where the Netflix login credentials and banking details entered by subscribers are harvested.
The latest campaign was identified by the Ohio Police Department, which shared a copy of the phishing email on Twitter. The FTC also issued a warning about the new Netflix phishing scam in a recent blog post.
Image Source: Ohio Police via FTC
As you can see from the image, the message looks official: it carries the Netflix logo and color scheme and closely resembles the email communications Netflix actually sends. There are tell-tale signs, however, that the email is not what it seems. Netflix naturally knows who its subscribers are and addresses emails to users by their first name. This email, by contrast, opens with “Hi Dear.”
The hyperlink is a less visible sign, but it is easy to check by hovering the mouse pointer over the button. That displays the true URL, which is not the official Netflix website. Another sign is that the phone number in the email is a U.S. number, which would be highly suspicious for anyone based in another country.
If the link is clicked, the page the user lands on looks official and is virtually indistinguishable from the genuine site, although checking the URL will confirm that the user is not on the genuine Netflix site for their country.
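The two checks described above (a generic greeting in place of the subscriber's name, and a button whose real link points off the official domain) can be automated for a mail gateway or a user-reported-phish triage queue. The following is an added example written for this article, not code from the FTC or from Netflix; the email body is a constructed imitation of the lure, and the official-domain set is an assumption you would replace with your organisation's own allow-list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allow-list of legitimate registrable domains for this brand.
OFFICIAL_DOMAINS = {"netflix.com"}

# Constructed sample body mimicking the lure (not the real phishing email).
SAMPLE_EMAIL_HTML = """
<html><body>
<p>Hi Dear,</p>
<p>We were unable to validate your billing information for the next cycle.</p>
<a href="http://account-update.example.net/netflix/login">Update Account Now</a>
<p>Call us: +1 555 0100</p>
</body></html>
"""

# Salutations that address nobody in particular ("Hi Dear", "Dear Customer", ...).
GENERIC_GREETING = re.compile(r"^\s*(hi|hello|dear)\s+(dear|customer|user|member)\b", re.I | re.M)

class LinkExtractor(HTMLParser):
    """Collect (href, anchor text) pairs so the button label can be reported."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append(tuple(self._current))
            self._current = None

def registrable_domain(url):
    # Naive last-two-labels rule; a production check should use the Public Suffix List.
    host = (urlparse(url).hostname or "").lower()
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host

def is_official(url, official=OFFICIAL_DOMAINS):
    # Comparing the registrable domain defeats lookalikes such as netflix.com.evil.example.
    return registrable_domain(url) in official

def assess(html, official=OFFICIAL_DOMAINS):
    """Return a list of human-readable phishing indicators found in an HTML email body."""
    findings = []
    parser = LinkExtractor()
    parser.feed(html)
    text = re.sub(r"<[^>]+>", "\n", html)   # crude tag stripping so greetings start a line
    if GENERIC_GREETING.search(text):
        findings.append("generic greeting (legitimate mail is addressed by name)")
    for href, label in parser.links:
        if not is_official(href, official):
            findings.append(f"link '{label.strip()}' points to {registrable_domain(href)}, not an official domain")
    return findings
```

Running `assess(SAMPLE_EMAIL_HTML)` flags both the greeting and the off-domain button; a mail addressed by name whose links stay on the allow-listed domain returns an empty list.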
All of these warning signs should be recognized by users, but many people fail to check messages carefully before clicking. To avoid phishing scams such as this, check every email message carefully before responding, and if you ever receive an email containing a threat, visit the company's official site directly by typing its address into the browser rather than clicking a link in the email.