People are used to phishing emails from Nigerian princes and Western Union by now, but it’s not only financial institutions that get impersonated by scammers. Because the average person sucks at security and re-uses the same password across many sites, login credentials for seemingly-boring things like Netflix can also reap rewards for hackers.
An alert from police in the UK details how a cunning new phishing scam is trying to steal people’s Netflix account logins, both to get free binge-watching but also potentially valuable credentials. Billing details are also at risk, since users are happy to enter their credit card details in a website seemingly owned by a service they know and love.
Here’s the warning from Action Fraud, a joint initiative between the City of London Police and the National Fraud Intelligence Bureau in the UK:
Watch out for these fake Netflix emails.
We’ve seen an increase in reports about fake Netflix emails claiming that there’s an issue with your account, or that your account has been suspended. The email states that you need to “update” your account details in order to resolve the problem. The link in the emails leads to genuine-looking Netflix phishing websites designed to steal your username and password, as well as payment details.
Always question unsolicited requests for your personal or financial information in case it’s a scam. Never automatically click on a link in an unexpected email or text.
As always, the easiest way to avoid having your details stolen is simply to never click a link in the first place. Phishing websites can be virtually indistinguishable from the real thing, so the most foolproof way is just to go to your browser and navigate to Netflix, rather than going through an email link.