Netflix is a major player on the Internet today and dominates the video-streaming business; in the first quarter of 2018 alone it grew by 7.5 million subscribers. It has become very influential in how people consume media, especially since the streaming company also started producing its own shows, independent of the movie studios. The company has come a long way since the days of mail-order DVDs in the late 90’s. Today, in the U.S. alone, Netflix hosts 6000+ titles and the number is still growing. Some titles are not available outside the United States, which has led some subscribers to use a VPN to ‘pretend’ to be a U.S. resident in order to access geographically restricted titles.

Given the huge volume of traffic Netflix handles, it is understandable that sooner or later its name would be used by scammers and phishers to propagate their activities. This is expected to grow this holiday season, as more people stay at home and spend more time on entertainment. Phishing is a specific activity in which the sender uses social engineering to persuade a person to take an action or release information on the sender’s behalf.

The usual targets are young people or elderly people who are easily persuaded, and the attackers usually appeal to emotion in order to solicit an action from their targets. In the case of Netflix, a fake ‘account on hold’ email is sent to the victims. It provides a link to a fake website that looks like Netflix but was actually set up beforehand to capture user information, including login credentials.

Sample Netflix phishing email:

Subject: Your account is on hold

Please update your payment details

Hi Dear,

We’re having some trouble with your current billing information. We’ll try again, but in the meantime you may want to update your payment details.

–link to fake netflix site–

Need help? We’re here if you need it. Visit the Help Centre (with hyperlink pointing to fake site) or contact us (with hyperlink pointing to fake site) now.

Your friends at Netflix

The above is just one sample; others use more elaborate wording to convince the victims, but the spammers have already won once the link is clicked. That alone can generate advertising profit for them, let alone the possibility that an unsuspecting user will fill in the form presented on the fake Netflix site.
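As an added example (not part of the original post), here is a small Python check a defender might run over the HTML body of a suspected Netflix phishing email like the one quoted above: it extracts every hyperlink and flags those whose host is not netflix.com (or a real subdomain of it) or which are not served over HTTPS. The sample message and the .example hostnames are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the "account on hold" email quoted above; the
# attacker-controlled hostnames use the reserved .example TLD as placeholders.
SAMPLE_EMAIL_HTML = """
<p>Hi Dear,</p>
<p>We're having some trouble with your current billing information.</p>
<p><a href="http://netflix-billing-update.example/login">Update your payment details</a></p>
<p>Need help? Visit the <a href="https://help.netflix.com">Help Centre</a>
or <a href="http://netflix.com.account-verify.example/help">contact us</a> now.</p>
"""
LEGIT_DOMAIN = "netflix.com"

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every anchor in the message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def is_legit_host(host, legit=LEGIT_DOMAIN):
    """Exact match or a real subdomain only: the check is anchored at the end,
    so 'netflix.com.account-verify.example' does not pass."""
    host = host.lower().rstrip(".")
    return host == legit or host.endswith("." + legit)

def suspicious_links(html):
    """Links a defender would flag: host outside netflix.com, or not https."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for text, href in parser.links:
        url = urlparse(href)
        if not is_legit_host(url.hostname or "") or url.scheme != "https":
            flagged.append((text, href))
    return flagged
```

Running `suspicious_links(SAMPLE_EMAIL_HTML)` flags the two attacker links and leaves the genuine help.netflix.com link alone; the anchored suffix test is what stops a lookalike such as netflix.com.account-verify.example from slipping through.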

Always remember that Netflix, and the other web services a user has signed up for, already hold the user’s information; they don’t need to ask for it again, least of all through email. It also takes a lot of effort to create a fake TLS-enabled website that looks the same as the real Netflix, as no authentic certificate authority will issue a certificate for a site unless it is verified first.

The U.S. government’s Federal Trade Commission has assigned a website to report phishing incidents occurring within the borders of the country, just visit Netflix also encourages their users to forward all phishing emails they receive to their email designed to combat phishing: Be safe this holiday season, never fall for phishing scams.
