Thousands of Netflix
customers have been scammed into handing out their credit-card information through a convincing-looking false email.
The phishing scam prompted users to update their payment information on the site to avoid service being suspended. Once they clicked “update payment,” according to security company Mailguard, they were taken to what looked like a legitimate log-in portal to input credit-card information.
Scams like this, called “brandhacking,” rely on the strength of a company’s name to get users to trust such emails. How would they know you have a Netflix account? They don’t. But some 99 million Americans have a Netflix account. These scams will only become more common in 2018, said Christopher Dore, a partner specializing in privacy issues at Chicago law firm Edelson.
“When you have a ubiquitous brand like that you can send 100 emails and be pretty confident that 50% of those people have a Netflix account,” he said. Until spam filters become more sophisticate, “it is up to the consumer to become hyper vigilant and, unfortunately, that is not the way people approach it.”
This is the second time in the past year Netflix users have been targeted by phishing attempts. Users should be careful when opening emails from any company to check the full sender information to ensure it is truly from the company it advertises. And never give out your Social Security number or credit-card details via links on an email.
Clicking the arrow next to the sender information should also show more information, including the exact address it was sent from. Beware of emails that are close but not identical to the official email addresses (@netflix.org instead of @netflix.com, for example).
A Netflix spokesman told MarketWatch said subscribers to the streaming service can read more at netflix.com/security or contact customer service directly.
“We take the security of our members’ accounts seriously and Netflix employs numerous proactive measures to detect fraudulent activity to keep the Netflix service and our members’ accounts secure,” he said. “Unfortunately, scams are common on the internet and target popular brands such as Netflix and other companies with large customer bases to lure users into giving out personal information.”