The Federal Trade Commission is warning people about a phishing scam involving a fake Netflix email.
Phishing is when someone uses fake emails or texts to get you to share valuable personal information like account numbers, Social Security numbers, or your login IDs and passwords. The scammers then use your information to steal your money, your identity, or both.
In this case, scammers created an email that had the Netflix logo on it to make the email look legitimate.
The email claims the user’s account is on hold because Netflix is “having some trouble with your current billing information” and invites the user to click on a link to update their payment method.
If you get this email do not respond to it or click on any links.
The FTC says you should do these things before clicking on any link or before sharing any of your sensitive information:
• Check it out. If you have concerns about the email, contact the company directly. But look up their phone number or website yourself. That way, you’ll know you’re getting the real company and not about to call a scammer or follow a link that will download malware.
• Take a closer look. While some phishing emails look completely legit, bad grammar and spelling can tip you off to phishing. Other clues: Your name is missing, or you don’t even have an account with the company. In the Netflix example, the scammer used the British spelling of “Center” (Centre) and used the greeting, “Hi Dear.” Listing only an international phone number for a U.S.-based company is also suspicious.
• Report phishing emails. Forward them to firstname.lastname@example.org (an address used by the FTC) and to email@example.com (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions, and law enforcement agencies). You can also report phishing to the FTC at ftc.gov/complaint. Also, let the company or person that was impersonated know about the phishing scheme. For Netflix, forward the message to firstname.lastname@example.org.