Phishing email scam spoofs Netflix again; threatens to suspend membership

Posted by Akankasha Dewan on 21 February 2020 12:24:48 AEDT

Netflix users, don’t panic if you receive an email threatening to suspend your membership and prohibiting you from watching your favourite TV shows. The popular entertainment company has once again been spoofed by cybercriminals in a phishing email scam.

MailGuard first detected these malicious emails infiltrating inboxes across Australia earlier today morning (AEST). Sent from a compromised account, the emails use a display name of ‘Netflix Service’ and are titled ‘Your payment didn’t go through’. However, the email address used in the ‘from’ field doesn’t use a Netflix domain.

The message body includes the Netflix logo and is titled ‘Membership Renewal’. It informs recipients that their membership will be suspended unless recipients renew it within 72 hours. A link is provided for them to do so.

Here is a screenshot of the email:  

Netflix_2102

Unsuspecting recipients who click on the link are currently led to a dead end.

Cybercriminals behind this scam have incorporated multiple elements to boost this email’s credibility. These include:

  • use of a major brand name to inspire false trust; using ‘Netflix Service’ as the display name boosts the email's credibility,
  • usage of multiple security features like links to Netflix’s terms and conditions page are typically expected of legitimate notifications from a well-established organisation like Netflix,
  • inclusion of high-quality branding elements like Netflix’s logo & branding in the phishing pages that are typically present in pages from the company and,
  • an alarming subject line; informing recipients that their ‘your payment didn’t go through’ creates a sense of urgency and anxiety, motivating users to take action immediately without checking on the email’s authenticity.

Despite these techniques, eagle-eyed recipients should be able to spot several red flags that point to the email’s illegitimacy. For instance, the user isn’t addressed directly in the email and the email address used in the ‘from’ field doesn’t contain a Netflix domain.

Netflix is a regular target for cybercriminals. With more than 158 million paid streaming subscribers worldwide, there’s a high likelihood that many of those that are receiving the email are subscribers and that a portion of those will be too time poor to check the details in the email. Netflix was also targeted with similar scams reported by MailGuard in DecemberSeptember and November last year.

MailGuard urges all recipients of this email to delete it immediately without clicking on any links. If you see an email from Netflix, please exercise caution and make sure it is a legitimate communication before you open it. Please share this alert with your social media network to help us make the people aware of the threat.

What to do if you receive a suspicious email

As a precaution, avoid clicking links in emails that:

  • Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include
  • Are from businesses you’re not expecting to hear from.
  • Ask you to download any files
  • Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

One email is all that it takes

All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network.

Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates

 

 

Topics: Phishing brand exploitation brandjacking Netflix scam; fraud spoofing fastbreak

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all