If you have a Netflix account, watch out for a new email scam that is going around.
The message, which purports to be from the streaming service, is targeting subscribers and attempting to get their bank details so they can steal your personal information and your money. The email claims that your account is about to be suspended, asking you to update your details to avoid it happening.
“We were unable to validate your billing information for the next billing cycle of your subscription therefore we’ll suspense your membership if we do not receive a response from you within 48hours,” says the email.
“Obviously we’d love to have you back, simply click restart your membership to update your details and continue to enjoy all the best TV shows & movie without interruption.”
The subject line reads “Your suspension notification”, which echoes the poor grammar within the main body of the email. While that should always be a warning sign in an email from a company, the design of the message is convincing, from the logo and branding to the colour scheme and other links to genuine Netflix pages. The page that the email links to, meanwhile, has Netflix’s logo and series such as The Crown and House of Cards.
How can you spot a fake email from Netflix?
Any generic greetings, such as “Dear Customer”, should set off alarm bells, while instructions to clink a link in an email should also be regarded with suspicion.
“Netflix will never ask for any personal information to be sent to us over email,” says the streaming service. This includes payment information (credit card number, debit card number, direct debit account, PIN, etc.), social security number for US citizens (in any form), identification number, or tax identification number, and your account password.
“Netflix may email you to update this information with a link to our website, but be cautious of fake emails that may link to phishing websites,” warns Netflix.
“We are seeing phishing tactics like this on a daily basis,” says Mailguard, which captured the above picture of the email. “Cybercrime of this sort, where the criminals create a fake website that looks and smells like a well-known company, is known as ‘brandjacking’. This approach has a high success rate for cybercriminals. Why? Because it taps into our subconscious. Marketers have known for years how to leverage our subconscious to make us spend; ‘90% of all purchasing decisions are made subconsciously’ according to ISPO.com. So, our happy subconscious clicking – the trust that we place in brands – is putting us all at risk.”
What do you do if you have received the above email? Never enter your login or financial details, and, if you are unsure whether you have been taken to a legitimate Netflix web page, check the URL in the web browser bar at the top of your screen – or type www.netflix.com directly into your browser. Be careful not to click on any links or open any attachments. Finally, report your scam email to Netflix here.