Netflix users have been warned to be on the lookout for a sophisticated email phishing scam that’s attempting to fleece Australian users of thousands of dollars from their bank accounts.
The scam email informs recipients that their last Netflix bill has accidentally been charged twice and they need to request a refund by using a link provided in the email within the next 12 hours.
Users are then taken to a Netflix login page that appears genuine.
“It invites users to request a refund within 12 hours via a provided link,” warns cybersecurity company Mailguard.
“While the email includes the company’s logo, it also contains multiple red flags that indicate it is not a genuine notification from the company. This includes a blank subject, and an inaccurately spelt display name, i.e. ‘Netlfix’. In addition, the recipient is not addressed directly. The email actually originates from a third-party that is using potentially compromised web hosting, as well as a dynamic DNS provider for the sending domain.”
Unsuspecting recipients who click on the link to request a refund are led to an intermediary site hosted by BigCommerce that appears to be compromised, the company says.
“This site automatically redirects them to a login page asking users for their email address and password.”
User details are then taken by the scammers on a page asking for their credit card details.
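The red flags Mailguard lists (blank subject, a misspelt brand name in the display name, no direct salutation, a non-brand sending domain, and a refund link with a short deadline) are the kind of cheap checks a mail filter or a SOC triage script can score before a user ever sees the message. The following is an added example written for this article, not code from Mailguard or Netflix; the two sample messages are constructed, and the regular expressions, the "legitimate domain" set and the dynamic-DNS suffix list are assumptions chosen for illustration rather than a vendor's real rule set.

```python
"""Score an email against the red flags described for the fake Netflix refund scam.

Added example, not part of the original article. Sample messages are constructed.
"""
import re
from dataclasses import dataclass

BRAND = "netflix"
# Assumption: the only domain the brand sends from. A real filter would load a
# maintained allow-list (and check SPF/DKIM alignment) rather than hard-code one.
LEGIT_DOMAINS = {"netflix.com"}
# Assumption: placeholder dynamic-DNS suffixes; a real list comes from threat intel.
DYNAMIC_DNS_SUFFIXES = (".dyndns.example", ".ddns.example")


@dataclass
class Message:
    display_name: str   # the From: display name, e.g. "Netlfix"
    from_domain: str    # the domain part of the From: address
    subject: str
    body: str


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; 'netlfix' vs 'netflix' is 2 (transposed letters)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def mentions_brand(name: str) -> bool:
    """True if any word in the display name is the brand or a near-misspelling of it."""
    return any(edit_distance(t, BRAND) <= 2 for t in re.findall(r"[a-z]+", name.lower()))


def lookalike_display_name(name: str) -> bool:
    """True only for near-misspellings such as 'Netlfix', not the exact brand name."""
    tokens = re.findall(r"[a-z]+", name.lower())
    return any(t != BRAND and edit_distance(t, BRAND) <= 2 for t in tokens)


def score(msg: Message) -> list[str]:
    """Return the list of red flags found; an empty list means none fired."""
    flags = []
    if not msg.subject.strip():
        flags.append("blank subject")
    if lookalike_display_name(msg.display_name):
        flags.append("misspelt brand in display name")
    domain = msg.from_domain.lower()
    if mentions_brand(msg.display_name) and domain not in LEGIT_DOMAINS:
        flags.append("brand display name but non-brand sending domain")
    if domain.endswith(DYNAMIC_DNS_SUFFIXES):
        flags.append("sending domain on dynamic DNS")
    # Genuine billing mail normally greets the account holder by name.
    if not re.search(r"^(hi|hello|dear)\s+\w+", msg.body, re.IGNORECASE | re.MULTILINE):
        flags.append("recipient not addressed directly")
    if re.search(r"within\s+\d+\s+hours?", msg.body, re.IGNORECASE):
        flags.append("short deadline (urgency)")
    if re.search(r"refund", msg.body, re.IGNORECASE) and re.search(r"https?://\S+", msg.body):
        flags.append("refund request via embedded link")
    return flags


# Constructed samples (not captured scam content).
PHISH = Message(
    display_name="Netlfix",
    from_domain="billing-notice.dyndns.example",
    subject="",
    body="Your last bill was accidentally charged twice.\n"
         "Request your refund within 12 hours here: http://refund.example.invalid/login",
)
LEGIT = Message(
    display_name="Netflix",
    from_domain="netflix.com",
    subject="Your membership",
    body="Hi Sam,\nYour next billing date is the 14th. No action is needed.",
)

if __name__ == "__main__":
    for label, m in (("phish", PHISH), ("legit", LEGIT)):
        print(label, score(m))
```

The point of the example is that none of these checks needs the malicious link to be fetched or the credential page to be analysed; every signal is in the headers and body already in the mailbox, so the same logic can run in a mail gateway rule, a SOAR playbook or a user-reported-phish triage step.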
In advice listed on Netflix’s website, the global streaming giant says, “We will never ask you to enter your personal information in a text or email”.
This information, it says, includes credit card or debit card numbers, bank account details, and Netflix passwords.
“We will never request payment through a third party vendor or website.”
“If the text or email links to a URL that you don’t recognise, don’t tap or click it.
“If you did already, do not enter any information on the website that opened,” says Netflix.