Contributed by George Mack, Content Marketing Manager, Check Point Software

Have you received a suspicious-looking email purporting to come from Netflix? Be extra careful to protect yourself from a potential scam.

Phishing emails targeting Netflix customers have been around for years, but the consequences of falling victim to one remain high. You could lose access to your Netflix account, as well as sensitive information including addresses, phone numbers, and credit card numbers.

Example of a Netflix scam email

Below is one example of a Netflix phishing email. If you have ever received anything like this in the past, then know that it’s part of a social engineering scheme.

The email states: “We were unable to validate your billing information for the next billing cycle of your subscription therefore we’ll suspend your membership if we do not receive a response from you within 48 hours.”

If you click on the link, it leads you to a phishing page designed to extract your information. As with most phishing emails, there are some red flags indicating that the message is fake.

First, the text “Payment Declined” appears to be in a different font and size than the body.

Second, the message begins with “Dear Customer.” However, most companies do not start their emails like this.

Third, there are grammar and spelling errors. The email states “48hours” with a missing space. There’s a missing period at the end of the second paragraph, and the words “RETRY PAYMENT” are not enclosed in quotes.

You should never update your financial details after being prompted to do so via email. Netflix has stated “We will never ask for your personal information by texts or email. This includes: Credit or debit card numbers; Bank account details; Netflix passwords.”

How do hackers know that you have a Netflix account?

When you receive a Netflix phishing email, you may find yourself asking, “How did these hackers know that I have a Netflix account?” You may feel that your data isn’t truly secure.

There are two ways in which hackers find your email address and target you.

First, they could have acquired your email address in a data breach that specifically involved Netflix. This makes it easier for hackers to carry out their schemes, as it guarantees that their phishing email campaigns are highly targeted.

Second, they might just be guessing that you have a Netflix account, without any real way of knowing whether you do or not. Hackers can scrape email addresses from the web but are unable to map the email addresses to certain services, like Netflix. So, they cast out a wide net.

Hackers curate a list of the most popular consumer companies, including Amazon, Apple, Netflix, DHL, and others – blasting phishing emails purporting to come from each of these companies. Thus, even if you don’t have an Amazon account, you may just have a Netflix account, and that’s the phishing email that grabs your attention.

How can you spot a Netflix scam email?

This advice not only applies to phishing emails pretending to come from Netflix but also to other potential phishing emails.

If you find yourself second-guessing the true intent of an email, ask yourself the following questions:

  • Check the true email address from the sender. Does it represent the website in question (e.g. Netflix.com)?
  • Are there any grammar or spelling errors?
  • Gauge the agenda of the email. Is the sender asking for something private and valuable, such as a credit card or a social security number?
  • Does the email read as if it were not written by a native speaker?
  • Is the email designed to make you feel panic, urging you to act quickly – or else you’ll lose access to your Netflix account?
  • Is the link of the web page that you’re taken to hosted on a suspicious domain name (e.g. walmart832.info as opposed to walmart.com)?
  • Is there a suspicious attachment accompanying the email?
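
Several of the checks in the list above (sender domain, link domain, generic greeting, urgency, missing spaces) can be automated. The script below is an added example, not part of the original article; the sample message, its sender address and link are constructed using the reserved .example domain, the function names are hypothetical, and it assumes a single-part plain-text message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND_DOMAIN = "netflix.com"  # the domain the message claims to represent

# Constructed sample modelled on the email quoted in this article; the
# sender address and link are made up and use the reserved .example TLD.
SAMPLE = """\
From: Netflix <billing@netflix-account.example>
To: user@example.org
Subject: Payment Declined

Dear Customer,

We were unable to validate your billing information for the next billing
cycle of your subscription therefore we'll suspend your membership if we do
not receive a response from you within 48hours

RETRY PAYMENT: http://netflix832.example/retry
"""

def belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it.
    A substring test is not enough: the brand name can appear anywhere."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def red_flags(raw, brand_domain=BRAND_DOMAIN):
    """Return the list of red flags found in a raw plain-text email."""
    msg = message_from_string(raw)
    body = msg.get_payload()  # assumption: single-part text/plain message
    flags = []
    _, addr = parseaddr(msg.get("From", ""))  # ignore the display name
    if not belongs_to(addr.rpartition("@")[2], brand_domain):
        flags.append("sender_domain")
    urls = re.findall(r"https?://[^\s\"'<>]+", body)
    if any(not belongs_to(urlparse(u).hostname, brand_domain) for u in urls):
        flags.append("link_domain")
    if re.search(r"\bdear (customer|user|member)\b", body, re.I):
        flags.append("generic_greeting")
    if re.search(r"\bwithin\s+\d+\s*(hours?|days?)\b|\bsuspend", body, re.I):
        flags.append("urgency")
    if re.search(r"\b\d+(hours?|days?)\b", body, re.I):  # e.g. "48hours"
        flags.append("missing_space")
    return flags

if __name__ == "__main__":
    print(red_flags(SAMPLE))
```

An empty result does not mean a message is safe; the script only covers the checks that can be read directly from the headers and text.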

If you find yourself receiving one of these emails, then don’t click on any links. Delete it and block the sender. Report the message to Netflix, your email service provider, and your IT administrator. Finally, make sure you’re following password best practices to strengthen your online security.
