FacebookTwitterLinkedIn

Warning Issued over Netflix Email Scam

The Grand Rapids Police Department of Michigan, USA, has issued a warning via Facebook warning Netflix users of an email scam currently underway. Netflix also issued a statement intended to help users determine what is a scam or not and hopefully prevent users from handing over important information such as information pertaining to credit and debit cards.

Netflix, the incredibly popular subscription-based streaming service, currently boasts nearly 118 million users globally. This popularity, while what the business strives for, unfortunately, comes with a downside. That being it makes it a target for scams which cybercriminals will try to exploit this popularity to the best of their ability. The latest scam takes the form of a phishing email campaign. Simply put a phishing campaign relies on the criminal sending out emails to a massive amount of recipients with the hope of getting the recipient to do what the email instructs. These campaigns rely on social engineering to get the user who received the email to do something. This may involve the user from mistakenly handing over bank details or other such important information. Social engineering can be defined as an attack that relies heavily on human interaction in order to steal confidential information. Due to this reliance on human interaction phishing is one of the easiest forms of cyber attack for a criminal to carry out. Through merely sending out an email which links to a fake website a victim can provide these crooks with everything they need to infiltrate every aspect of their targets' personal and working lives. Such attacks are commonly used in identity theft cases which can severely impact the life of the victim.

In this latest scam, a suspicious email is sent telling Netflix users that their account has been deactivated because the company “could not validate billing information.” The email then prompts the user to click a link to enter their information which importantly for the criminal is designed to try to get the user’s credit card number. It goes almost without saying that the link should not be clicked under any circumstance. Netflix has advised their customers:

“Netflix may email you to update this information with a link to our website, but be cautious of fake emails that may link to phishing websites…If you’re unsure about a link in an email, you can always hover your cursor over the link to see where it directs in which you can see the real linked web address at the bottom of most browsers.”

This is sound advice for clicking on any link from an email received. By ensuring that the link is legitimate and not fake the user can protect themselves from such attacks. Netflix has further provided more information on what to do when receiving either a suspicious email or text message. This information can be viewed here. It is also important to remember that phishing does not occur solely via email but can also occur via text messages and social media. In both of those instances, the criminal wants you to do the same thing, that being to click on a link. Such links can be used not only to steal valuable information but they can be used to install various types of malware onto your computer.

netflix email scam

This affirms the importance of being aware of what you click on. Phishing campaigns are popular amongst cybercriminals as they are easier than hacking into secure networks but they are incredibly effective. Sadly though, they are not the only method used to steal valuable information.

Text presented in the phishing emails:

Your Netflix Membership is on hold
We recently failed to validate your payment information we hold on record for your account,
therefore we need to ask you to complete a brief validation process in order to verify your billing and payment details.
Click here to verify your account
Failure to complete the validation process will result in a suspension of your netflix membership.
We take every step needed to automatically validate our users, unfortunately in this case we were unable to verify your details.
This process will only take a couple of minutes
and will allow us to maintain our high standard of account security.Netflix Support Team
This message was mailed automatically by Netflix during routine security checks. We are not completely satisfied with your account information and required you to update your account to continue using our services uniterrupted.

Chili’s Reports a Data Breach

The popular restaurant chain based in the US but has restaurants around the globe issued a statement confirming the company suffered a data breach. It is feared that customers’ credit card information was amongst the data stolen. Brinker International, the company which owns Chili’s, announced that a data incident at some Chili’s restaurants may have resulted in unauthorized access or acquisition of credit and debit card data. It is believed the incident may have occurred in March or April, however, the company only learned on May 11 that payment card information was compromised at certain Chili’s restaurants. The company has employed third-party forensic specialists to determine how the breach occurred. A preliminary investigation indicates that malware was used to gather payment card information including credit or debit card numbers as well as cardholder names from Chili's payment-related systems for in-restaurant purchases. As Chili’s does not collect personal information such as social security numbers, full date of birth or state identification numbers, that information was not compromised.

The company has stated:

“We sincerely apologize to those who may have been affected and assure you we are working diligently to resolve this incident…Law enforcement has been notified of this incident and we will continue to fully cooperate. We are working to provide fraud resolution and credit monitoring services for those guests who may have been impacted,”

However, if you feel that you may be a victim of fraud resulting from a data breach you may take the following steps. First, change relevant passwords or make use of a password manager. Such programs often form part of antivirus packages and are useful security tools. Secondly, contact the relevant financial institutions. They will be able to tell you when your card was last used and also stop cards if they may have been used fraudulently. As the Chili’s data breach may have involved the stealing of card information it is important to keep this step in mind. Thirdly, contact credit bureaus to find out if any loans or other similar financial products have been taken out in your name. If criminals have done so this is a key indicator of identity theft. In the case of the Chili’s breach as no social security numbers, identification numbers, and dates of birth were compromised this is less of a danger than other breaches such as the Equifax breach.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal