Email Scam Du Jour: Netflix

By George Khoury, Esq. on January 19, 2017 | Last updated on March 21, 2019

The most recent email scams making the rounds involve everyone's favorite movie streaming service, Netflix. While email scams are nothing new, the new Netflix scams, like the newest Gmail scam, have learned from the mistakes of past scams.

Scammers, in their usual style, utilize a phishing campaign, which involves sending out mass emails hoping that a couple people don't recognize the deception. However, unlike most phishing scams, where it is usually pretty easy to spot the tell-tale signs of a scam, the newest Netflix scam is much more sophisticated and difficult to detect.

How the Scams Work

Scam 1: A person will receive an email that looks like it came from Netflix. The email will ask a person to click a link to update their information. The link will direct a person to a page that looks exactly like a Netflix page, and a user will be asked to login, then asked for their credit card and billing information and even Social Security Number. Each page is designed to look exactly like a page on Netflix's own site, and the kicker is that when you are done giving the scammers all your info, they redirect you to Netflix's actual homepage.

Scam 2: A person will receive an email from Apple stating that they paid their Netflix subscription via iTunes (or made other purchases), when the person doesn't have Netflix set to pay through iTunes (or hadn't made those purchases). Recipients are then directed to click a "refund" link which directs them to a realistic looking fake Apple website in an attempt to steal credit card and other personal information.

Time to Avoid Being a Phishing Victim and Chill

Unless you've recently requested a password reset, or some sort of assistance, for an online account, treat any email asking you to click a link and update your information with extreme, and I do mean extreme, scrutiny. While it may seem normal for Netflix, or another service provider, or even your bank, to contact you via email to request an update on your information, it is a smart move to not click through to the service via that email, but rather to just open a web-browser and navigate directly to the service's site on your own.

While it may be a minor inconvenience to type a URL out rather than click a link in your email, remember that you are doing that to avoid being digitally robbed. In general, when you click a link or open an attachment in an email from an address you don't know, you are at risk of being digitally robbed.

Be safe and click smart.

Related Resources:

Copied to clipboard