The wholesale phishing spree was discovered by an Australian security firm called Mailguard last week, Deadline reports. Although the firm hasn’t said anything on the number of targeted subscribers, according to Deadline, it’s around 110 million. For a moment we might assume the same as Netflix’s latest subscriber count is roughly the same.
The emails in question include a link leading to a fake Netflix login page (created on a compromised WordPress blog) which further asks for users’ credit card information, billing address, driver’s license, etc.
To make things look legitimate, scammers have shown binge-watchers the images of their favorite shows including The Crown, House of Cards, etc. A “reactivation” screen appears in front of the users after they enter all the information.
MailGuard said that the scammers seemed to have used a template system to create personalized messages. They only changed users’ name in the mail. The security firm had luck; they managed to capture a screenshot of an instance when the system failed to add a name to an email.
How to spot Netflix email scam?
The webpages shown to the victims look convincing, and the best way to spot their fake nature is to have a look at the URL. Moreover, you should be very cautious while opening emails and avoid clicking any link blindly. Netflix won’t ask to send your personal information over email, the company writes on their Help Center page.
In services like Gmail, hovering over an email reveals its domain that helps you guess its genuineness. It might be helpful while spotting a Netflix email scam. If you find such emails in your inbox, immediately flag it as spam and delete it.