A convincing email scam set up to steal credit card information is making the rounds.
The email, which looks like is has been sent officially by Netflix, warns that your account is on hold and requests that you update your payment information.
Clicking through on the link provided in the email takes users to a very believable recreation of Netflix’s login page. There also aren’t any real clues that something isn’t quite right. Hovering over the green security indicator (usually left in the URL bar on most browsers) reveals the site is secured by Let’s Encrypt.
The connection to the website at least is secure. The problem here is that most people rely on that little green padlock to know if their browsing is secure.
After logging into the page, the site asks for your billing information and credit card information to ‘update your account.’ Once that is completed, it thanks users for updating their information and gives them a link to ‘login to Netflix’ again. Clicking on that actually takes you back to the Netflix homepage, leaving many unaware that they’ve just been scammed.
This whole process is outlined in great detail on the Malwarebytes blog here.
This serves as a reminder that users need to be careful with emails asking for their personal information. This attempt is more sophisticated than many, closely mirroring an actual Netflix email. In the majority of cases, your account will be just fine. If it isn’t, Netflix will let you know when you log into the service.
If you’re ever in doubt, don’t click a suspicious link and reach out to Netflix instead.