Netflix users are warned to be on guard as a new scam asking unsuspecting users to complete an online verification process hits inboxes.
Email security firm MailGuard has intercepted an email phishing scam that looks exactly like it’s from Netflix and tells recipients that their “billing information has been modified”, encouraging them to visit the “online help centre...and complete any missing information” lest their account be suspended.
But this is a fake, warned MailGuard.
“Purporting to come from popular entertainment company Netflix, the email is actually sent from a single compromised email address,” MailGuard stated in a post on their website.
Also read: Netflix embroiled in new phishing scam
The email subject line states ‘Account Informations Update’ and notably doesn’t greet you by name (“Hello from Netflix Help Center”).
Here’s what the email looks like:
Clicking the link – which appears to be a legitimate Netflix webpage to their Help site – takes victims to a fake Netflix-branded login page that asks for their login details to sign in.
But again, it’s a fake.
After users log in to the fake page, they’re then led to another fake page that asks them to ‘Update their Payment Information’.
You’ll be asked to input your details including your first and last name and your banking details.
When you’ve hit ‘Update Payment Method’, users will be told to complete a three-step verification process in which they’ll be asked to “‘enter the password displayed’ in their mobile phones or device” three times.
Then they’ll be told they’ve successfully updated their information – and then are taken to the legitimate Netflix page.
“The sole purpose behind this elaborate scam is to steal Netflix users’ email addresses and passwords, along with their credit card and other personal details,” MailGuard said on their website.
Legitimate-looking email and website a major danger
Users will have to be especially vigilant as the scammers have gone to painstaking lengths to imitate the real Netflix logo, colour scheme and fonts.
Adding in a ‘three-step verification process’ is only designed to heighten the sense that the phishing scam is safe, secure, trustworthy and therefore legitimate.
MailGuard said Netflix was a popular target for cybercriminals. “With more than 158 million paid streaming subscribers worldwide, there’s a high likelihood that many of those that are receiving the email are subscribers and that a portion of those will be too time poor to check the details in the email,” the email security firm said.
“MailGuard urges all recipients of this email to delete it immediately without clicking on any links.
“If you see an email from Netflix, please exercise caution and make sure it is a legitimate communication before you open it.”
MailGuard also encouraged individuals to raise the alarm with their family, friends and on their social network to increase awareness about the scam.
How to tell if the email is a scam
Typical giveaways of a scam email will be that they are written in poor grammar, don’t address you by name, and come from a well-known organisation or service provider.
They’ll almost always ask you to click a link in the email to get you to visit their fake website. If you’re not sure, just call the company to ask if the email is legitimate.
They might also offer a reward of money or a gift for you to hand over your personal or banking details.
And if they request information that they should already have about you, that’s a major warning sign.
Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, news and tech news.