If you’re a Netflix subscriber, you may have received an innocuous email stating that your account is “on hold” due to issues with processing your bill. You may think, “huh, that’s weird. I’ll click the link and update my payment details.”
You wouldn’t be the only one to fall for this. However, the email is not from Netflix at all; it’s actually a phishing scam designed to steal your account details.
The FTC just released a warning via its blog that these fake Netflix emails are out there. This is similar to scams that hit in September and October 2017.
The way the scam works is like this: the hackers pose as a trusted company, in this case, Netflix. Their aim is to steal your personal info like account numbers, passwords, credit card details, or even your Social Security number.
This particular email asks you to click on the link and update your payment information. It claims that your account is “on hold” because Netflix is “having some trouble” with the billing information it has on file.
This may sound reasonably legitimate, and at first glance, it certainly appears as if it was sent directly from Netflix. However, if you click the link, you could download malware which can then be used to access your accounts—or even lock you out of your computer.
According to Netflix, it would never ask for a user’s personal information via email, including payment information, any type of identification number, or an account password. The trouble is that emails like this often send you to fake websites that look just like the real one. There, you enter your bank details and click save, unknowingly sharing
How to tell if the email is fake
If you received this Netflix
First, do not click on any link. The FTC recommends that you look for telltale signs of a fake when you receive an email. Take a look at the sender and see if the domain it’s from is correct (apple.com, for example). Often it’s a bunch of random letters.
Let’s take a look at the Netflix email below.
At first glance, it looks reasonably legit. But as with any email, you must be on the lookout for bad spelling and grammar. On the Netflix email, the message begins with “Hi Dear.”
Does this sound like something Netflix would say?
This is a BIG red flag right out of the gate.
The email also use the British spelling of “Center,” which is “Centre.” As an American company, sending an email to American users, this, again, is a red flag.
Armed with just that info alone, we can be pretty certain the email is not actually from Netflix.
Now, Netflix does say that it might email its customers from time to time, so not every email you get from Netflix is a scam. It could very well be a legitimate message. However, you should still be cautious of any links in emails. If you are not sure if it’s real, hover over the link with your mouse. If the URL looks strange, do not click it. Simply log into your account and access your Netflix messages directly from there.
You should also report the email to Netflix by forwarding it to firstname.lastname@example.org, or via the Netflix Help Center. Additionally, you should send the message to the FTC by forwarding it to email@example.com or report it via the FTC website, ftc.gov/complaint.
As we always say on this blog, be wary about messages you receive. Don’t just assume something is real without taking the time to check it out. Thousands of people fall for phishing attacks every day. Don’t be one of them.
Use Hotspot Shield to protect your devices against hackers and harmful malware. As an added bonus for Netflix users, Hotspot Shield also allows you unblock geo-restricted shows or bypass WiFi restrictions so you can stream until your heart’s content.