Popular entertainment company Netflix is once again the subject of an email scam intercepted by MailGuard.
Using a display name of ‘Support’, the email is titled ‘Netflix: Your subscription has been suspended’. Its body includes the company’s logo and informs users that their Netflix subscription payment ‘was declined’. Users are directed to update their payment method within 24 hours to prevent their account from being permanently deactivated.
Here’s what the email looks like:
Unsuspecting recipients who click on the link to update their payment method are led to a login page asking users for their email address and password. As you can see from the screenshot below, this page is designed to look like a legitimate page belonging to Netflix:
Interestingly, the domain used in the page’s URL doesn’t belong to the company. This is actually a phishing page. Once users “sign in” to their accounts, their credentials are harvested and they are led to a similar page asking for users’ credit card details. Here’s a screenshot of that page:
This is also a phishing page designed to harvest users' confidential banking information. After users input their details as required in the fields above, they are led to a Netflix-branded page asking them for a one-time code that may be sent to their phone.
Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to exercise caution when opening messages, and to be extra vigilant against this kind of cyber-attack. If you see an email from Netflix, please make sure it is a legitimate communication before you open it. Please share this alert with your social media network to help us make people aware of the threat.
Netflix is a regular target for cybercriminals. Earlier this month, MailGuard detected a similar phishing email also impersonating the entertainment company. With more than 203 million subscribers worldwide, there’s a high likelihood that many of those receiving the email are subscribers, and that a portion of them will be too time-poor to check the details in the email. In fact, over the years, MailGuard has intercepted numerous Netflix-themed email scams, including in:
In this particular scam, cybercriminals have employed the following techniques to trick users:
Besides the above, the inclusion of a one-time code at the end of the scam is also intentional. Safety features like these are normally expected from well-established organisations like Netflix, and their use is likely to boost the email’s credibility.
Despite these techniques, the phishing email scam contains multiple red flags that point to its illegitimacy. These include the fact that the email doesn't address the recipient directly.
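The domain mismatch described above (a message that names Netflix but whose sender and link hosts are not Netflix's) can be checked mechanically by a mail filter. The following is an added example, not MailGuard's detection logic; the sample message, the example.test hosts and the single-entry allow-list are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the only domain treated as the brand's own in this sketch.
BRAND = "netflix"
BRAND_DOMAINS = {"netflix.com"}

# Constructed sample modelled on the alert; example.test hosts are placeholders.
SAMPLE = """\
From: Support <billing@mail.example.test>
Subject: Netflix: Your subscription has been suspended
Content-Type: text/plain

Your payment was declined. Update your payment method within 24 hours:
https://netflix.com.account-update.example.test/login
"""

def on_brand_domain(host):
    """True only for the brand domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def brand_mismatch_findings(raw):
    """Return reasons a message that names the brand fails the domain check.

    Handles single-part text messages only, to keep the sketch short.
    """
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    subject = msg.get("Subject", "")
    if BRAND not in f"{display} {subject}".lower():
        return []  # message does not claim to come from the brand
    findings = []
    sender_host = addr.rpartition("@")[2]
    if not on_brand_domain(sender_host):
        findings.append(f"sender domain {sender_host} is not the brand's")
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlsplit(url).hostname
        if not on_brand_domain(host):
            findings.append(f"link host {host} is not the brand's")
    return findings

if __name__ == "__main__":
    for finding in brand_mismatch_findings(SAMPLE):
        print(finding)
```

The suffix comparison is made against `"." + domain`, so a host that merely starts with or contains the brand's domain name is still reported.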
How to know if an email or text is actually from Netflix?
Netflix lists the following advice on its support page:
More information can be found here: https://help.netflix.com/en/node/65674
As a precaution, MailGuard urges you not to click links within emails that:
One email is all that it takes
All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.
Talk to a solution consultant at MailGuard today about securing your company's network.