MailGuard 04 November 2021 13:15:58 AEDT 5 MIN READ

Netflix Subscribers Spoofed with Fake Account Suspension Email Alert

Netflix customers must remain vigilant, with a phishing email landing in inboxes, claiming that your account has been suspended. Once again, scammers have imitated the popular streaming service, in an attempt to steal sensitive credentials, including login details and credit card information to sell on the dark web and use in follow-on criminal campaigns. With millions of subscribers worldwide, it is highly likely that unsuspecting users will fall prey to this scam.

The email alerts the recipient with the subject line, ‘Your account has been suspended, please update your information!’ purportedly being sent from ‘NETFLIX’. The body of the email advises the user that their billing information has not been validated, which will ensue in the suspension of their Netflix membership if not rectified in the next 48 hours. Scammers have used this message to create a sense of urgency in the user, in the hope of luring victims in to provide credit card information. The Netflix logo and branding has been used to feign authenticity.

Here’s what the email looks like:



Unsuspecting users who click on the red ‘restart your membership’ link, are taken to the page below which asks for Netflix login details, username, and password. From the screenshot below you can see that the page has been designed to look like an actual Netflix sign-in page, with scammers going to extra detail to include a Facebook login and new member sign-up options.

Netflix — Mozilla Firefox_711[20]

After entering details, and clicking on the ‘Sign in’ button, users are then taken to a second phishing page below, which requires victims to enter their credit card details in order to validate their billing details.

Netflix — Mozilla Firefox_712[1]

Netflix — Mozilla Firefox_713

To trick the user into thinking that their credit card details have been legitimately asked for by Netflix, and subsequently, that their subscription has been restored, victims are taken to the following spoofed verification page asking them to enter a security code delivered by SMS. After which, users are redirected to a legitimate Netflix website page.

Netflix — Mozilla Firefox_714

Whilst MailGuard is stopping this email scam from reaching customers, we encourage all users to exercise caution when opening messages, and to be extra vigilant against this kind of cyber-attack. If you see an email from Netflix, please make sure it is legitimate communication before you open it.  

How to know if an email or text is actually from Netflix? 

Netflix offers the following advice on its support page: 

"We will never ask you to enter your personal information in a text or email. This includes:

  • Credit or debit card numbers 
  • Bank account details 
  • Netflix passwords 
  • We will never request payment through a 3rd party vendor or website. 
  • If the text or email links to a URL that you don't recognize, don't tap or click it. If you did already, do not enter any information on the website that opened." 

More information can be found here: 

MailGuard urges users not to click links or open attachments within emails that:    

  • Are not addressed to you by name.    
  • Appear to be from a legitimate company but use poor English, or omit personal details that a legitimate sender would include.   
  • Are from businesses that you were not expecting to hear from, and/or  
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.    

One email is all that it takes    

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.    

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's network. 

Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates