Recommended

Netflix Phishing Scam: Fake Email Steals Passwords and Credit Card Details

A phishing scam is currently making the rounds of inboxes worldwide, targeting Netflix users with fake email messages claiming to have been sent by the streaming service.

The ongoing scam was first revealed by PhishMe, a cybersecurity firm which laid out the details of this recent attack that aims to trick users into sharing their email logins and passwords.

This new attack targets business email addresses and corporate email accounts by sending them a crafted email that purportedly comes from Netflix. The email, which originates from the already suspect onlineorders.desk-mail.com, tells users that they need to update their account details.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

The email also does not address the customer by name, instead, it went with a generic "Dear Valued Customer," as ZDNet notes. This is a tell-tale sign that the message is part of a mass mail dump and not a customer service transaction.

This message has a link that leads to a fake Netflix login site which looks very much like the real one, with a few differences. For one, the link does not go to Netflix.com but elsewhere. More importantly, the site is not secured, as users can check by looking for a padlock icon and a "Secure" label beside the address bar, depending on the browser.

The fake login page is meant to steal passwords associated with the supplied email address. Once it's done recording those, the page then shifts to stealing credit card details using a fake Netflix billing form.

Netflix itself has warned subscribers time and again to be on guard against fake emails that could be part of phishing scams. According to PhishMe, the email address used to harvest information has been found in earlier scams since June, with similar schemes targeting Chase Bank, Comcast, TD Bank and Wells Fargo.

Users are advised to avoid clicking email links altogether. Like in this case, subscribers should instead go to the official Netflix website to check if the streaming service has any alerts for them.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.