Scammers are targeting Netflix customers with an email phishing attack in order to steal their personal information including credit card information.
The email scam targets unsuspecting subscribers of the popular streaming platform by mimicking an official Netflix communiqué. The well-designed and individualized fake email warns customers that their Netflix accounts are facing suspension. It then goes on convincing them to update their account information. This leads to the victims willingly giving away their personal data.
First spotted earlier this week, the email contains the subject line: “Your suspension notification” and includes a URL that takes the recipient to a fake Netflix page. On a casual look, this fake Netflix page appears almost legit, which is why some users submit their log-in information and payment details (including credit card information) without giving it a second thought. The fake website includes the original Netflix logo, as well as popular shows such as House of Cards and The Crown.
According to reports, the scam had already targeted nearly 110 million Netflix subscribers by the time it was discovered on Nov 5, 2017.
Netflix urges users to visit netflix.com/security if they are not sure about a suspicious email. The company also advises users to forward all suspicious emails purporting from the company to firstname.lastname@example.org.
Note that this is not first such attack against Netflix subscribers. There have been similar phishing campaigns in the past where scammers sent out phishing emails designed to look as though they actually came from the streaming company.