There’s a new phishing email campaign targeting Netflix subscribers. From what has been observed, the aim seems to be to steal user login credentials.
The Email arrives with the title “Re: Update Subscription Payment – We Have Canceled Your Premium Membership….”
The Email can be very convincing just by looking as it uses Netflix logo and branding with no typographical errors, see below:
Another devious ploy is the title which begins with “RE…” meaning reply, the idea is to trick the recipient into thinking this is a reply to a previous message, thereby lowering they are suspicious.
The Email contains a link to a phishing site that leads to a cloned Netflix login portal:
While visually appealing, there are several clues that show this is a phishing email and users should pay attention to these details below:
- The sender’s email address does not match the sender’s name. While the sender’s name is “[email protected]” if you look below it, you’ll see the real email address is a long string of characters that has nothing to do with Netflix
- The message does not address the recipient with their name, instead, it starts with “Hi”, if this was a legitimate email from Netflix, then it would address the recipient by name since they have this information.
Always remember, never click links in emails. Also, if you’re in doubt, do not click the reply button. Instead, open a fresh new message by clicking on “compose” or the button to launch a new email and write out a message inquiring if the previous email received was legitimate. For instance, if you were the recipient of the email above and you are a Netflix subscriber, you would not reply to the email but send an email to the Nexflix customer service email inquiring if the email you received was from them.