Malicious email purporting to be from ‘NETFLlX’ delivers phishing attack

Posted by Akankasha Dewan on 25 January 2019 12:10:30 AEDT

You can never be too careful when clicking links or entering confidential information online. A recent email scam purporting to be from Netflix reminds cyber users of the importance of being vigilant and looking out for tell-tale signs that may point to the illegitimacy of emails.

MailGuard first detected malicious emails infiltrating inboxes across Australia on Monday evening (AEST).

Sent via a malicious sender, the emails use a display name of "NETFLlX" with a lower case 'L' character to replace the 'i'.

The message advises the recipient that their account has been suspended due to some issues in the "automatic verification process."

Here is a screenshot of the email:

Netflix edited

A link is provided to "UPDATE YOUR DETAILS" which leads to a Netflix branded phishing page, which is a copy of the actual Netflix sign in page. Below is a screenshot of the page:

Screenshot from 2019-01-23 10-44-43 (002)


As you can see from the screenshot above, cybercriminals have taken great pains to incorporate the exact colour scheme, logo, fonts and popular images commonly found in Netflix pages in a bid to convince the user that the email is actually originating from the entertainment company. However, while this email is well-designed and uses a sophisticated HTML design, it contains several red flags for anyone who is vigilant enough to spot fake email scams.

Firstly, there are several grammatical and spelling errors within the body, such as the bolded "suspeneded". Spacing errors are also present throughout the email, a trait that is expectedly not likely to be present if the email was, in fact, being sent from a well-established organisation such as Netflix.

This is not the first Netflix based scam MailGuard has seen recently. Netflix is a popular and well trusted company with an immensely large customer database, so their branding makes a good lure for cybercriminals looking to deceive people. 

If you see an email from Netflix, please exercise caution and make sure it is a legitimate communication before you open it. Please share this alert with your social media network to help us make the people aware of the threat.

What to do if you receive such emails

As a precaution, avoid clicking links in emails that:

  • Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include
  • Are from businesses you’re not expecting to hear from.
  • Ask you to download any files

Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs:

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates


^ Back to Top

Topics: Phishing email scam Cybersecurity cybercrime

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all