We know that the internet is a pretty dangerous place, particularly if you aren’t careful about your financial data. It becomes even simpler and easier to execute a scam if it is linked to a popular app or service that you may use, and millions more around the world. This time around, the name being used is Netflix, the most popular video streaming platform globally. The scam is using Netflix’s brand recognition and is copying the visual effects rather well (admittedly, as you can see in the image above and below) to get login credentials, billing details and credit card details of unsuspecting users.
Cloud office security platform Armorblox details how this Netflix scam works. Basically, it will start with you getting a mail from what seems like the authentic Netflix. The mail would usually say that there is a problem with your billing details and your Netflix subscription will pause if you don’t click on the link in the mail and correct this. It is quite easy to fall for it, click on the link and be taken to a website that looks eerily like the original Netflix website. There is even a captcha stage, which would make everything seem very authentic. You will be asked to login with your Netflix account, enter your credit card details and your billing information. Once the scammers have this information, they helpfully redirect you to the actual Netflix website—and you are absolutely in the dark that you’ve just been scammed. Big time.
Image: Armorblox
“Unlike spray-and-pray email fraud attempts, this email was expressly created and sent to trigger the required response. The email title was ‘Notice of Verification Failure’, which isn’t exactly how a Netflix email sounds but still ‘robotic’ enough for readers to assume that it came from Netflix Support. The email language and topic was intended to induce urgency owing to its punitive nature (cancellation of the Netflix subscription). The call to action – Click here to update your information – is simple and effective. The email claims that the reader’s subscription will be cancelled if they don’t update their details within 24 hours, furthering the sense of urgency,” says Armorblox.
Scammers are using all the tricks in the book and some more to really make you share your financial details, including credit card details. You must refrain from clicking on links sent to you via emails, and always pay attention to the sender of the email—the spellings and the full sender’s email address. That is usually a giveaway that something is amiss, and it isn’t genuine. Secondly, even if you click on the link in the email, do notice the complete web address in the address bar on the top of the web browser, before sharing any information—that is another giveaway. And if everything still looks genuine, there is no harm in logging in on the actual website or app in question and checking for yourself if what is being said in the email is actually true or not.
