Netflix Scam

The Growing Threat of Netflix Scams

5 Mins Read

Privacy & SecurityOnline SecurityThe Growing Threat of Netflix Scams

A Netflix scam arrives in your Inbox titled “Notice of Verification Failure” containing details regarding an issue with your billing. It asks the users to confirm their personal and financial details within 24 hours, or their account will be cancelled.

The phishing email is well orchestrated to bypass email filters put in place by your email service provider. It claims to be from the Netflix Support team and persuades users to give their credit card details.

Upon clicking the link in the email, users are led to a Netflix lookalike site with clear intentions – steal the user’s Netflix login credentials, billing address, and credit card details.

However, numerous indications point out the Netflix scam. While the phishing site looks just like the original Netflix site, by clicking any links on the site such as “need help” or “Sign up now,” the site doesn’t land you anywhere except the same page. One major giveaway is the site’s URL which is www.axxisgeo.com instead of www.netflix.com.

There’s no doubt that the Netflix scam is a clever way of tricking users into getting hold of their personal information and financial details. Such scams stress the need to be cautious online and discard any suspicious emails or texts asking you to verify your personal or credit card details.

How to be sure if an email or text is from Netflix

Netflix doesn’t ask for your personal information via text, email, or a third-party website. Personal information includes:

  • Netflix username and password
  • Debit or credit or card numbers
  • Bank account information

Pro tip: Make a habit of verifying the URL of a website. If you receive an email or a text from a shady URL, don’t click it. If you already clicked the URL, whatever you do, don’t enter your personal information.

What if you receive a suspicious email or text?

Suspicious emails and texts have become all too common nowadays. However, a scammer can only get the information from you when you give it to them. In short, don’t give your data without being one hundred percent sure.

For suspicious emails

  1. Don’t click the links or open the attachments.
  2. Report the email to phishing@netflix.com.
  3. Don’t think twice about deleting the email or report it as spam.

For Suspicious text messages (SMS)

On an iPhone, iPad, or the iPod Touch

  1. Take a screenshot of the suspicious message.
  2. Email it to phishing@netflix.com.
  3. Delete the suspicious message or report it as spam. 

On an Android device

  1. Take a screenshot of the suspicious message.
  2. Email it to phishing@netflix.com.
  3. Delete the suspicious message or report it as spam. 

If you clicked a link or provided personal information

In case you clicked a link or entered your personal information on the website, here’s what you should do:

  • Immediately change your Netflix password.
  • Keep strong and unique alphanumeric passwords.
  • Get in touch with your bank and check for any suspicious activity.

Tips to keep information safe online

Personal information should be kept private and only shared with legit websites. Here are some tips that you should keep in mind: 

  • When in doubt, don’t click a suspicious link.
  • Manually access the website by typing their official URL.
  • Don’t share your personal or financial details via email.
  • Verify the sender’s and recipient’s email addresses.
  • A desktop browser can show you the outbound URLs. Hover over links to see if the URL is the one you’re intending to visit (e.g. netflix.com).
  • Make sure you have an encrypted online connection for optimal online security.

 

How Netflix scams work

The cybercriminals send out fake emails, including a rather formal subject line, “Reminder: Update Payment Method.” The subject line alone can trigger users to click the email, which suggests a problem with the user’s payment details when charging for the next month.

The message in the email states:

“We’re having some trouble with your current billing information. We’ll try again, but in the meantime, you may want to update your payment details.” 

The scammers have cleverly placed the logo of Netflix in the emails to make it seem genuine. However, no official company approaches you with a ‘Hi Dear’ greeting which should immediately act as a warning sign regarding its illegitimacy.

The email creates a sense of urgency with the ‘update account now’ button in bold red so that the recipient clicks the button. The red button lands victims on a page with a form requesting to update their credit card information.

Netflix phishing scams are lucrative for cybercriminals

Phishing scams bring in a lot of money for cybercriminals, and Netflix phishing scams are minting a great deal of money for cybercriminals. According to research, Netflix is the 2nd most impersonated brand when it comes to phishing attacks.

Netflix hosts thousands of TV shows and movies across its international library. Some shows are often surrounded by high anticipation, compelling Netflix users to fall for the scam as they don’t want to miss out on releasing their favourite TV show or a movie by having their subscription cancelled.

Similar scams have already been taking place on HBO since 2019. With highly anticipated shows like Game of Thrones, cybercriminals created fake pages impersonating the main HBO website. The phony website took personal and credit card information later for sale on the dark web.

How to stay safe from Netflix phishing scams

Netflix phishing scams are increasingly becoming difficult to detect. However, there are particular giveaways that you can spot before falling victim to the fraud. 

1. Hover over the link/button

Don’t rush to click a link or a call to action button. Hover over them, and you’ll see the landing URL of the site at the bottom left side of the screen. If the URL doesn’t match with the original site’s URL, don’t click it.

2. Request for personal information

If you’ve received an email asking for your personal information such as credit card details, an account password, or any other personal detail, it’s probably a scam. Renowned companies don’t ask for your details via email. 

3. Wrong spelling and grammar 

Reputable companies make sure to send out error-free emails. If you’ve received an email with spelling mistakes or poor grammar, it probably didn’t come from a genuine organization. Also, check the sender’s email address to rule out the possibility of a phishing email. 

4. Creates urgency

A phishing email tends to create urgency to submit your personal information. This is primarily because they want your banking information before the company alerts users of an ongoing phishing scam. When in doubt, contact the company directly via their official website or social handles.

5. Big claims

Phishing emails are usually packed with claims that seem too good to be true. If an email contains messaging that’s too good to be true, then it usually is. Don’t believe claims such as you’ve won a prize and claiming the prize requires your personal details.

In a Nutshell

Phishing attacks have doubled in the past year. Protection against phishing attacks secures you from dozens of malware attacks crawling on the web and keeps your personal information safe from cybercriminals.

Ather Owais Ather Owais is a tech and cybersecurity enthusiast. He is a strong advocate for online privacy and security, following technological trends and their impact on today's digital era.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.