The Never-ending Netflix Phishing Scam

Password Security Best Practices for Keeping Your Data Safe

Have you ever received an email from Netflix saying that you need to update your account information?  It’s a common message that the Netflix team sends out when your account is causing an error, and it’s being replicated by phishing scammers who are looking to steal users’ credit card information.

The email they send looks just like the real thing, delivering a link that sends subscribers to a login page that is eerily similar to the Netflix landing page.  It replicates the logos and HTML that Netflix uses on their actual website, and even includes backsplashes that promote their original content, like “Stranger Things” or “13 Reasons Why.”  Once victims type in their username and password, they’re prompted to update all of their billing information, including their name, address, credit card information, and phone number.

The convincing look isn’t the only thing that is causing problems: whoever is behind the scam has found advanced methods to constantly bypass spam filters.  As you’ve probably seen in headlines, the scammers have been tricking Netflix subscribers since at least January 2017.  Their clever tactics continue to develop and bypass defense measures like spam filters, antivirus software, and phishing scanners.

What can you do to stay safe? 

The obvious answer is to avoid engaging in any emails like this.  Instead, access your Netflix account from their website using a secure device and determine if any action needs to be taken.  Netflix explicitly states that they “will never ask for payment information to be sent to us over email.” If you think you’ve been targeted, Netflix is asking that you report the message to their help center.

The ultimate defense against this scam is offered by Pegasus through our Phishing Assessment Program.  We provide our customers with a new phishing template that specifically guards against the Netflix phishing scam.  Our clients are sending this program to their employees to protect against email scams like this.  Contact our professionals today to learn more about this special initiative!