Netflix users are suffering from yet another batch of phishing emails. They get emails that look legit and ask them to enter personal information into the website.
Attempts to phish Netflix users are pretty common. The emails appear, sometimes get into the headlines. Then they go through a makeover: a redesign to evade spam folder and other defensive filters. And later on, they reappear again.
It is the same with gaming platforms (Steam, Blizzard) or banks.
What are phishing attempts trying to make you do?
They ask you to go to a website, enter your details (name, surname, credit card, social security number) and submit the form, so that your details would get into hands of the phisher.
These massive campaigns are impressive in numbers: they can reach 1, 10 or even 100 million users. The recent Netflix phishing attempt targeted 110 million users. This attack was personalized and it looked just like legit Netflix informational email.
What are the goals of scammers that send out such campaigns?
They don’t need all users to get hooked on this. If they catch 0.1% of all people that got this email, they are looking at details of 110 000 users. And that’s a lot. Even 0.01% is a lot. And though defensive filters won’t allow most of such emails get through, other users will ignore it; there will be that part of people that might agree to give their private details to phishers.
How to protect yourself from Netflix phishing attempts?
- First of all: check the sender. The sender’s email address might look legit, but it is not. Look carefully.
- Hover your mouse pointer over the link. Check the link where you are forwarded to enter your credit card and other details by hovering over your mouse pointer or looking at the source and details of sent email. Is it really legit?
- Don’t click on any links that come with some powerful statement like “Your account might be compromised.” Open your browser, go to the webpage and put in your account details yourself. In case of Netflix, go to netflix.com, enter your username and password, and if you need to take any action, you will be notified.
- Get CUJO. We are working hard to keep up to date with most recent phishing attempts, block them seconds after such campaign starts and before it gets wild.
Read more about protecting yourself from phishing attempts in our older post.