A Netflix Email Scam Targeting 110 Million Subscribers Is Still Spreading

Think twice before you open an email about your Netflix account. A longtime phishing scam targeting millions of Netflix users has been spreading across the internet this week with startlingly real-looking emails directing customers to update the financial details of their accounts.

The phish is believed to have been farmed out to 110 million customers of the streaming service and "is relatively well designed," according to MailGuard, an email security firm. After safeguarding its own customers from the deceptive email earlier this week, MailGuard wrote: "The scammers are using a template system to generate individualised [sic] messages with specific recipient data."

With the subject line "Your suspension notification," the email informs victims that their accounts have been suspended due to a billing issue. After clicking a link which redirects to a thoroughly believable Netflix landing page, replete with advertisements for The Crown and House of Cards, unwitting customers input their user information and billing details. 

If this sounds eerily familiar, it's because this particular phish has been lurking throughout the web since January. When it was first detected, web security firm FireEye concluded the fake site was being hosted on "legitimate, but compromised web servers." Now, MailGuard found that the fake Netflix site is built on "a compromised Wordpress blog." In other words, the scam isn't new. It has simply found a new home for the fake website it uses to pilfer people's financial information.

Another glaring indication that the suspicious email is fraudulent: it occasionally asks for customers' Social Security numbers. Netflix has made clear that it never asks for sensitive financial information from customers via email, and it has no need for any user's Social Security number. That being said, the scam has defied many traditional email security safeguards, consistently skirting spam filters en route to your inbox.

Netflix says it's aware of the problem, writing in a statement: "Unfortunately, scams are common on the internet and target popular brands such as Netflix and other companies with large customer bases to lure users into giving out personal information." 

[Image: Here's what the scam looks like. Credit: MailGuard]

MailGuard suggests remaining vigilant and questioning the legitimacy of URLs that pop into your browser, especially from corporate email accounts.

"Always hover your mouse over links within emails and check the domain they’re pointing to," the company said. "If they look suspicious or unfamiliar don’t open them."
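The same hover-and-check step can be run over an email's HTML body. The following is an added example, not code from the article or from MailGuard; it assumes `netflix.com` is the only domain you expect Netflix links to use, the function names are hypothetical, and the `.example` hosts in the sample are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
TRUSTED = ("netflix.com",)  # assumption: the only domain Netflix links should use

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for each <a> in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href):
    """Return None when the link target is acceptable, else a short reason."""
    try:
        parts = urlsplit(href.strip())
        host = (parts.hostname or "").rstrip(".")  # userinfo and port are dropped
    except ValueError:
        return "unparseable URL"
    if parts.scheme != "https":
        return "not an https link"
    # Exact match or true subdomain only; a substring test would pass look-alikes
    if not any(host == d or host.endswith("." + d) for d in TRUSTED):
        return f"host {host!r} is not a trusted domain"
    return None

def suspicious_links(html):
    """Return (visible text, href, reason) for every link that fails check_link."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return [(t, h, r) for h, t in parser.links if (r := check_link(h))]

# Constructed sample body; hosts under .example are placeholders
SAMPLE = """<a href="https://www.netflix.com/YourAccount">Account</a>
<a href="https://netflix.com.billing.example/update">https://www.netflix.com/update</a>
<a href="https://blog.example/wp-content/netflix/login">Update your payment details</a>
<a href="https://netflix.com@login.example/">Restart membership</a>"""

for text, href, reason in suspicious_links(SAMPLE):
    print(f"{text!r} -> {href}: {reason}")
```

Each finding pairs the text the reader sees with the host the link actually resolves to, which is the comparison the hover check makes by eye.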

As always, you should be incredibly skeptical of an unprompted inquiry that asks you for money.


Sam Blum is a News Staff Writer for Thrillist. He's also a martial arts and music nerd who appreciates a fine sandwich and cute dogs. Find his clips in The Guardian, Rolling Stone, The A.V. Club and Esquire. He's on Twitter @Blumnessmonster.