A very convincing Netflix email scam is doing the rounds and is likely to fool a number of recipients.
The scam email claims that Netflix failed to validate the recipient’s payment information resulting in the Netflix account being put on hold. The email provides a link for the recipient to click to verify their information.
It’s a phishing email scam, that leads to a spoof webpage that steals information entered into it. So yes, it’s a scam that is practically as old as the Internet itself.
But this scam is particularly well designed, and not only it is after a recipient’s Netflix login credentials, it also attempts to steal enough financial information from the victim as to potentially give crooks complete access to their bank accounts.
This is how it starts.
The email appears to be well designed, with minimal errors that you’d often find in a typical phishing scam. The link appears genuine, and the accompanying text appears legitimate.
There are some tell-tale signs though. Namely that the customer’s name is missing from the email, and a few minor grammar errors are present; namely Netflix isn’t capitalised in the second paragraph and there is a random line break in the last paragraph.
Additionally, inspecting the link itself (in our case we could hover over the link with the cursor) reveals that the true destination of the link is login.netflix-global.com. That isn’t a legitimate web domain belonging to Netflix, though upon a cursory glance you may think that it was.
Clicking the link leads to the below webpage.
Again, the fake URL is in the web address bar at the top, but a cursory glance may suggest it was real. This page is after a user’s login credentials. After they’re entered, the next page appears.
This page is looking to steal a visitor’s contact and billing information, including their mobile phone number and date of birth, both of which could help a crook pretend to be them. After that is entered, the next page appears.
And finally, this page is after payment information, including a bank account number and sort code (routing number for US readers.)
The giveaway here is that this isn’t information that the real Netflix either need or would ask for, since it isn’t needed to make a payment online or subscribe to a service.
Sponsored Content. Continued below...
However if a victim falls for this scam and enters their information in all three of the above webpages, they’ve not only given up access to their Netflix account, but given crooks enough information to pretend to be them online and give them potential access to their bank account.
So if you ever did hand over that amount of information to a crook, expect to have some difficult days ahead.
This phishing scam was particularly well crafted, but there are always giveaways, from the initial email to the website. To reiterate, we list them here.
– The email didn’t address the customer by their name
– The email had grammar errors
– The website the email directed to didn’t belong to Netflix (despite having Netflix in the name.)
– The website asked for too much information. It doesn’t need, for example, bank account or sort codes.
Watch out for these types of scams, and if you’re unsure, head to the Netflix website directly and use the contact information on their website to get in touch directly.
Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)
Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)