Online scammers are reportedly using fake Netflix billing emails in an attempt to steal users’ personal and financial data.
Fox 29 reports that the Federal Trade Commission has begun highlighting a new online scam to steal the personal and financial information of Netflix users. Scammers have reportedly begun sending emails to Netflix users which claim that the user’s account is temporarily suspended because Netflix is “having some trouble with your current billing information.” Users are then invited to re-enter their billing information and personal details, which are then sent to the scammers.
An image of the fake email users have been receiving can be seen in the FTC’s tweet below:
— FTC (@FTC) December 28, 2018
The FTC provided the following tips for internet users to avoid these scams in the future:
- Check it out. If you have concerns about the email, contact the company directly. But look up their phone number or website yourself. That way, you’ll know you’re getting the real company and not about to call a scammer or follow a link that will download malware.
- Take a closer look. While some phishing emails look completely legit, bad grammar and spelling can tip you off to phishing. Other clues: Your name is missing, or you don’t even have an account with the company. In the Netflix example, the scammer used the British spelling of “Center” (Centre) and used the greeting, “Hi Dear.” Listing only an international phone number for a U.S.-based company is also suspicious.
- Report phishing emails. Forward them to firstname.lastname@example.org (an address used by the FTC) and to email@example.com (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, ﬁnancial institutions, and law enforcement agencies). You can also report phishing to the FTC at ftc.gov/complaint. Also, let the company or person that was impersonated know about the phishing scheme. For Netflix, forward the message to firstname.lastname@example.org.
The FTC has also developed an online game to test users knowledge of scam and phishing emails. It can be played here.