NETFLIX email phishing scam is spreading

Cyber Threat Alert: NETFLIX email phishing scam is targeting millions of NETFLIX users

A very convincing email scam is circulating the Internet targeting NETFLIX users.  The phishing email informs the target (or victim) a billing issue resulted in their account suspension! But not to fear, the email has a convenient link to a (very fake) Netflix landing page for you to re-enter your billing information and re-active the account (no, not really).  The landing page is fake and is a honey-pot tactic to CON the target out of credit card information.  This particular email is convincing and the landing page quality is extraordinary convincing.

Phishing attack targets NETFLIX users.

The email (click the image to enlarge) contains all the hallmarks of a phishing attack.  1) The sender is unknown, 2) it is not sent directly to you in the To: line, and 3) It contains a button directing you to login. 

Legitimate (or dare I say ethically based) businesses never give you a link to a login page. They instead instruct you to navigate to the website and login from the website.  It’s easy to plant decoy Login Buttons or links inside emails that redirect you to a website that is not what you intend to visit. 

Fake NETFLIX landing page

The Landing Page (next image) is notable for its clean, professional appearance closely mimicking NETFLIX’s style.  The first part of the CON starts and the hackers harvest your NETFLIX login credentials as the target tries to log in.

Look at the domain name in the upper left corner of the screen shot:  “www.veganxxx.net” (i did not repeat it in the blog to prevent a link back to that site). Obviously this is not NETFLIX that and there is no “Green Bar” openID confirmation that this is a NETFLIX Site.

“Green Bar”s appear in modern web browsers to confirm the site was validated by a reputable Certification Authority and posses Secure Socket Layer (SSL) encryption to protect your privacy.  Enhanced Validation (EV) are costly and nearly all large Internet-based companies have gone through the process.  It’s a safe bet that NETFLIX has.

Example Green Bar validation from Twitter
Example Green Bar validation from Twitter

It’s called “Green Bar” because a portion of the address bar of your browser will turn green. Clicking on the green text or green lock icon will open a display that shows you the site EV and who verified it.  In the example, Twitter Inc’s website was validated by DigiCert Inc, an industry leader in website identity security and validation. (on mobile devices, the entire address bar will turn green and have a green lock)

In the following fake-NETFLIX screens, the CON then asks for your billing information and then credit card information.  Again, the quality of the pages lead one to believe that it is legitimate.  I choose not to repeat the screens here. Trust me, they look convincing…I just don’t believe in giving the CON-artist more credit than they deserve for scamming people. Don’t fall for it.

What to do to protect your self:

  1. Verify the sender’s address is known and/or trusted.
  2. Always hover your mouse or right-click if for properties before clicking it. Validate the address is what is displayed in the email.
  3. NEVER EVER EVER click on a login button in an email. Go to the website yourself and login.
  4. Activate your email provider’s SPAM protection. Install and activate SPAM protection on your computer.
  5. Use a different email address for commercial mailing lists and accounts. Keep your business and personal emails separate.
  6. Validate in your browser’s address bar the website’s authenticity. “Green Bar” sites are validated for you.

Stay safe out there! Add your own protection tips or questions in the comments below.

This article first appeared on www.dynamiccyber.com. Please share this article using the social media links below and subscribe to our newsletter for instant updates to your mailbox.  New subscribers will get free access to our Social Media Cyber Security checklist.

Leave a Comment Here, Contribute!

Scroll to top