Netflix users are being warned to avoid clicking on any suspicious email links after a phishing scam was uncovered, which security experts say is designed to steal credit card details.
Found by Australian cybersecurity firm MailGuard, and shared on Twitter by the New South Wales police, the fake emails use convincing social engineering tactics – including the official Netflix website layout – in an attempt to dupe recipients into entering financial details.
The email reads: "We attempted to authorise the Amex card you have no file but were unable to do so. We will automatically attempt to charge your card again within 24-48 hours. Update the expiry date and CVV as soon as possible so you can continue using it with your account."
An 'update payment' button in the email, if clicked, will lead to a phishing site with bogus Netflix branding. Any card details entered will be sent directly to the hackers.
After the details are captured, the fake website even redirects the victim to a real Netflix page to reduce suspicion.
"Netflix has become a favourite vehicle for email fraudsters," MailGuard's Emmanuel Marshall wrote in a blog post Wednesday (10 January).
"Its large customer base makes it a valuable target for brandjacking: cybercrime that exploits the trademarks of well-known companies to deceive victims.
"Phishing can be enormously costly and destructive, and new scams are appearing every day."
A Netflix spokesperson told news.com.au in a statement: "We take the security of our members' accounts seriously and Netflix employs numerous proactive measures to detect fraudulent activity to keep the Netflix service and our members' accounts secure.
"Unfortunately, these scams are common on the internet and target popular brands such as Netflix and other companies with large customer bases to lure users into giving out personal information."
It remains unknown how many people have been targeted in the scam so far.
Luckily, there are ways to stay protected from such schemes, as Netflix notes on an official help page. Crucially, it tells users never to click links in suspicious messages claiming to be from the firm.
It states: "Never enter your login or financial details after following a link in an email or text message. If you're unsure if you're visiting our legitimate Netflix website, type www.netflix.com directly into your web browser."
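The help-page advice above amounts to a simple rule: a link is only trustworthy if its host really belongs to the brand. The following Python snippet is an added example, not code from MailGuard, Netflix or news.com.au, that applies that rule to links found in an email the way a mail filter or a cautious user might. It assumes, for illustration only, that netflix.com and its subdomains are the only legitimate hosts, and the sample URLs in it are constructed, not real phishing addresses.

```python
"""Check whether a link's host really belongs to the brand it claims to be.

Added example: a programmatic form of the advice "if you're unsure, type
www.netflix.com directly into your browser". Sample URLs are constructed
for illustration and are not real phishing addresses.
"""
from urllib.parse import urlsplit

# Assumption for this example: only netflix.com and its subdomains are the
# brand's own hosts. A real deployment would load this list from policy.
LEGITIMATE_DOMAINS = ("netflix.com",)


def host_belongs_to(host: str, domain: str) -> bool:
    """True if host is exactly `domain` or a subdomain of it.

    Matching on a full label boundary rejects 'notnetflix.com', and checking
    the suffix rather than a substring rejects 'netflix.com.example.test'.
    """
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def classify_link(url: str) -> str:
    """Return 'legitimate' or 'suspicious' for a link found in an email."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https"):
        # javascript:, data: and similar schemes never lead to a real site.
        return "suspicious"
    # .hostname drops any user:pass@ prefix, so a link written as
    # https://netflix.com@evil.test/ is judged by evil.test, not netflix.com.
    host = parts.hostname or ""
    if not host:
        return "suspicious"
    if any(host_belongs_to(host, d) for d in LEGITIMATE_DOMAINS):
        return "legitimate"
    return "suspicious"


if __name__ == "__main__":
    # Constructed sample links: one genuine, the rest lookalike tricks.
    samples = [
        "https://www.netflix.com/account",
        "https://netflix.com.example.test/update-payment",
        "https://notnetflix.com/",
        "https://netflix.com@evil.test/",
        "javascript:alert(1)",
    ]
    for link in samples:
        print(f"{classify_link(link):11s} {link}")
```

The check deliberately never follows the link: even a page that copies the Netflix layout pixel for pixel, as this scam does, fails the test unless its host is the brand's own, which is exactly why typing the address yourself is the safer habit.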
And if you clicked a suspicious link or provided any personal information to a website posing as Netflix, the company suggests you do the following:
- Change your Netflix password to a new, unique one.
- Update your password on any other websites where you used the same email and password.
- Contact your bank if you entered any payment information, since it may have been compromised.
- Forward the message to firstname.lastname@example.org with the steps above.