Contributed by George Mack, Content Marketing Manager, Check Point Software
Have you received a suspicious looking email purporting to come from Netflix? Be extra cautious.
Phishing emails targeting Netflix customers have been around for years, but the consequences of falling for one can still be high. Those who fall victim risk losing access to their Netflix account, as well as giving up sensitive information such as addresses, phone numbers, credit card numbers, and more.
Example of a Netflix scam email
Below is one example of a Netflix phishing email. If you ever received anything like this in the past or recently, then know that it’s part of a social engineering scheme.
The email states: “We were unable to validate your billing information for the next billing cycle of your subscription therefore we’ll suspend your membership if we do not receive a response from you within 48 hours.”
If you click on the link, it leads you to a phishing page designed to extract your information. As with most phishing emails, there are some red flags indicating that the message is fake.
First, the text “Payment Declined” appears to be in a different font and size than the body.
Second, the message begins with “Dear Customer.” However, most companies do not start their emails like this.
Third, there are grammar and spelling errors. The email states “48hours” with a missing space. There’s a missing period at the end of the second paragraph, and the words “RETRY PAYMENT” are not enclosed in quotes.
You should never update your financial details after being prompted to do so by an email. Netflix has stated “We will never ask for your personal information by texts or email. This includes: Credit or debit card numbers; Bank account details; Netflix passwords.”
How do hackers know that you have a Netflix account?
When you receive a Netflix phishing email, you may find yourself asking, “How did these hackers know that I have a Netflix account?” It can certainly cause concern surrounding privacy.
There are two ways in which hackers find your email address and target you.
First, they could have acquired your email address in a data breach that specifically involved Netflix. This makes it easier for hackers to carry out their schemes, as it guarantees that their phishing email campaigns are highly targeted.
Second, they might just be guessing that you have a Netflix account, without any real way of knowing whether you do or not. Hackers can scrape email addresses from the web but are unable to map the email addresses to certain services, like Netflix. So, they cast out a wide net.
Hackers will curate a list of the most popular consumer companies, including Amazon, Apple, Netflix, DHL, and others – and blast phishing emails purporting to come from each of these companies. Therefore, even if you don’t have an Amazon account, you may have a Netflix account – and it’s that phishing email that grabs your attention.
How can you spot a Netflix scam email?
This advice not only applies to Netflix scam emails, but also to all other potential phishing emails.
Always ask yourself these questions when you find yourself second-guessing the true intent of an email:
- Check the true email address from the sender. Does it come from the actual website (e.g. Netflix.com)?
- Are there grammar or spelling errors?
- Gauge the agenda of the email. Is the sender asking for something private and valuable, such as a credit card or social security number?
- Does the email not read as if it were written by a native speaker?
- Is the email designed to make you feel panic, urging you to act quickly – or else you’ll lose access to your Netflix account?
- Is the link of the web page that you’re taken to not the real company’s website?
- Is there a suspicious attachment accompanying the email?
If you find yourself receiving one of these emails, then don’t click on any links. Delete it and block the sender. Report the message to Netflix, your email service provider, and your IT administrator. Finally, make sure you’re following password best practices to strengthen your online security.
To receive more timely cyber security news, insights into emerging trends and cutting-edge analyses, please sign up for the cybertalk.org newsletter.
The post Did you receive this Netflix scam email? Be careful… appeared first on CyberTalk.
