With over 110 million subscribers, Netflix is currently the world’s leading online subscription service for watching TV series and movies on smart TVs, PCs, mobile devices, tablets and more.
So, it’s no wonder Netflix subscribers worldwide were the latest targets of a well-designed phishing scam.
Netflix members around the world received a well-crafted personalized email notice with the subject line “Your Suspension Notification”. In this email, members were asked to update their account information, as Netflix was unable to validate their billing information for the next billing cycle, and if the member did not provide a response, their account would be suspended within 48 hours.
This email contained a link to “Restart Membership”. If the member clicked on the link, they would be redirected to a fake Netflix website page, where they were given instructions to log in to their account and enter their personal information, including credit card details. Once the fake website collected the sensitive data, the message “Your Membership Has Been Reactivated” would appear on the member’s screen, giving the member a false sense of security that the transaction was legitimate.
Netflix told ABC News they are aware of the ongoing scam. “Unfortunately, scams are common on the internet and target popular brands such as Netflix and other companies with large customer base to lure users into giving out personal information,” Netflix said in a statement to ABC News.
Netflix also posted a notice on their security page reminding members to keep their personal information safe, suggesting they contact the customer service department directly, and asking them to remember that Netflix would never ask any of their customers for any personal information via email. If you’re unsure about your account status, go to Netflix’s website directly, log in and securely check your information there.
Cybercriminals will create fake websites that look exactly like the Netflix website or another company’s website, or send emails that appear to be sent from legitimate companies and ask for your personal information. They will also go to great lengths to take over your account and steal your personal information.
Important guidelines to protect yourself from phishing scams:
- If you receive an email that you think might be a phishing email, don’t open it, reply to it, or click on any links in it;
- Cybercriminals are getting very savvy at creating fake emails and bogus websites that look convincing and original, so it’s always good practice to carefully check and confirm that the email is coming from the actual company’s domain; if you’re not sure, go to the company’s website directly or call them at a phone number you already know, not the phone number provided in the email;
- Another obvious indication that a suspicious email is fraudulent is that it asks you for your social security number; a legitimate company will never ask you for your social security number in an email;
- You should always be skeptical of any unprompted inquiry that asks for money.
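The domain check from the guidelines above, as an added example (not code from Netflix or from this article): it flags a message whose sender or link hosts are not the brand's real domain, including lookalike hosts that only begin or end with the brand name. The `TRUSTED` value, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "netflix.com"  # assumption: the domain you already know is genuine

def in_domain(host, trusted=TRUSTED):
    """True only for the trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)

class LinkHosts(HTMLParser):
    """Collects the host of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        host = urlsplit(href).hostname if href else None
        if host:
            self.hosts.append(host)

def check_email(raw):
    """Return a list of reasons the message does not match TRUSTED."""
    msg = message_from_string(raw)
    findings = []
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not in_domain(sender_host):
        findings.append(f"sender domain {sender_host!r} is not {TRUSTED}")
    parser = LinkHosts()
    parser.feed(msg.get_payload())
    for host in parser.hosts:
        if not in_domain(host):
            findings.append(f"link points to {host!r}, not {TRUSTED}")
    return findings

# Constructed sample modelled on the email described in this article.
SAMPLE = """\
From: Netflix <support@netflix.com.billing-update.example>
Subject: Your Suspension Notification
Content-Type: text/html

<a href="https://netflix.com.billing-update.example/login">Restart Membership</a>
<a href="https://help.netflix.com/">Help Center</a>
"""
```

An empty result is not proof of legitimacy, since the `From` header can be forged; it only means nothing failed this particular check.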
Phishing emails are one of the major methods of malicious cyber-attacks, so it’s important to train your employees to recognize suspicious emails and know how to report them. There are helpful tools like PhishPro Tracker, a free add-in to any Office 365 subscription, that can be used to easily and quickly report suspicious emails and help protect your organization.
Block threats that arrive via email using hosted email security and anti-spam protection and leveraging PhishPro Tracker.
It is important for a company or organization to implement proper security measures to mitigate the effects of phishing attacks. Adopting proper security measures will reduce the chances of phishing attacks occurring. Please visit https://www.phishpro.com for more information on how to protect yourself and your organization.