Netflix may send customers the occasional email, but these messages will never ask you to provide them with personal or payment info. You'll want to keep this in mind if you encounter a new phishing scam that The Daily Dot reports is targeting the video streaming service's subscribers in Australia and the UK.
MailGuard, an Australian email security company, was the first to take notice of the fraudulent emails. While similar scams have targeted Netflix users in the past, this current iteration appears to be more convincing than most. At first (and perhaps even second) glance, the messages appear to be legitimate messages from Netflix, with an authentic-looking sender email and the company’s signature red-and-white branding. The fake emails don’t contain telltale signs of a phishing attempt like misspelled words, irregular spacing, or urgent phrasing.
The subject line of the email informs recipients that their credit card info has been declined, and the body requests that customers click on a link to update their card's expiration date and CVV. Clicking leads to a portal where, in addition to the aforementioned details, individuals are prompted to provide their email address and full credit card number. After submitting this valuable info, they’re redirected to Netflix’s homepage.
So far, it’s unclear whether this phishing scheme has widely affected Netflix customers in the U.S., but thousands of people in both Australia and the U.K. have reportedly fallen prey to the effort.
To stay safe from phishing scams—Netflix-related or otherwise—remember to never, ever click on an email link unless you’re 100 percent sure it’s valid. And if you do end up getting duped, use this checklist as a guide to safeguard your compromised data.
[h/t The Daily Dot]