There have been a number of news stories recently about phishing scams targeting Netflix users. ‘Phishing’ is the term used when a malicious user attempts to acquire login details by posing as the legitimate website. There are a number of ways to spot these phishing attempts which will hopefully help you to protect both your Netflix account and other online accounts you may have. What follows are some key things to look out for in any email.
Update: The current approach is to send a Cancellation Confirmation email saying we’re sorry to see you go and provide a link to reactivate your account. The following guide will help you to spot the scam even though the example email is different.
Here’s an image (click to enlarge) of an email with some annotations to match the advice below:
1) They Look Real
First things first, scam emails look real. The phishers are not stupid and know that they need to look legitimate in order for people to click on links and provide their login details. The sender’s address is also very easy to spoof so even if it says it’s from Netflix it may not be.
2) Do You Even Have an Account?
Phishers don’t know anything about you and will send the same email to thousands, if not millions, of people. So the first thing to check on any email is if you have an account with the company. In our example, if you don’t have Netflix then receiving an email about Netflix should make it clear that it’s not legitimate.
3) Who Sent It?
Even though the name in your email software might say Netflix, what was the actual address it was sent from? Depending on how you check your email you may have to click on the sender’s name or hover over it or click an arrow to show more. If it’s not from @netflix.com then it’s not real. BUT the reverse is not always true – if it says it is from @netflix.com is does not mean it is definitely real.
4) Is It Your Correct Email Address?
Many people have multiple email accounts so has the email from Netflix been sent to the correct one? Say your Netflix subscription is under JohnSmith1980@hotmail.com but the email comes to your gMail account JohnSmithRulez@gmail.com then this should alert you that it is not a legitimate email from Netflix. Ask yourself, how would Netflix have known your other email address when you’ve never given it to them? Wouldn’t it make sense for them to contact you on your registered email?
5) “Dear Customer…”
Phishers don’t know your name so they try and get around this with generic greetings like “Dear Customer”, “Hello” or sometimes just “Dear”. Using your email address instead of your name is another common approach. Netflix know your name, so why wouldn’t they use it?
6) Short Deadlines / You Must Login
When people are under pressure they don’t always make time to think about what they’re doing. This fact gets used by phishers by putting urgent, short deadlines on what needs doing. For example “You must log in before xyz date” or “login immediately to rectify this”. This kind of pressure is usually in spoof emails and not legitimate ones.
7) If You Think There’s An Error…
Similar to the “you must login” from above, another common approach in phishing emails (although not in the Netflix ones I’ve seen) is to say your current bill is ready and it’s hundreds or thousands of dollars/pounds/yen/shekels. Then straight after there would be something along the lines of “if you think this is an error then please log in here…”.
(a) The previous two tips have mentioned links to log in. There are two things to look out for with links in emails; firstly, if the link is near a command telling you you must log in to fix it or report an error then chances are this is this is a phishing attempt – they make it as easy as possible for you to want to go to their fake website. Many legitimate emails will have a link to their site but it is good practise not to send users to a login page from an email. A safe email will simply say “Log in to your account” without having an actual link.
(b) That’s not to say that all links in emails are bad, but you should always treat them with caution. The second thing to look for is where the link is actually sending you. A link from Netflix should send you to https://www.netflix.com/…… but spoof ones won’t. They need you to go to a fake website that looks just like the real thing for you to enter your login details. So take a careful look where the link is sending you. On a desktop you can usually hover over the link text and it will show you where it is sending you; on a touchscreen device you may have to tap and hold the link to see the details of where it wants to send you. Look out for similar looking addresses like netflixx.com (2 x’s), netfllx.com (l instead of i), netflix.something.com (has netflix in the name but isn’t netflix.com) etc. Any shortened links like bit.ly or tiny.url should also ring alarm bells.
9) Spelling, Punctuation and Grammar
I don’t want to sound like a school teacher but spelling, punctuation and grammar are important. So much so that people get paid money to write professional emails so any dodgy speelings or ext ra addded sp aces should make alarm bells ring.
10) The Safest Way To Check
The only foolproof way to check the legitimacy of the email is to manually go to the Netflix website by typing www.netflix.com in your browser. Don’t search in Google etc for Netflix as there may still be fake sites coming up in search results. Once you log in on the website, if there are any issues with your account then they will tell you there. You can also contact Netflix directly from their help pages here: https://help.netflix.com/
I Clicked The Link… Now What?
OK, if you got caught out then the main thing is DON’T PANIC! If you didn’t enter your login details then they won’t have any of your details so that’s fine. If you DID enter your login details then you need to go to the Netflix website directly, log in to your account and change the password immediately. If you use the same password across different services (we do NOT recommend this!) then it will be a very good idea to change those passwords too. Quite often, any log in details that have been phished will get shared around and you may find that your login details are used to access your accounts for other services without your permission.
Hopefully that has helped you to spot a fake phishing email pretending to be from Netflix. If you have any other tips then feel free to comment below.