“Smart” Netflix phishing email targets Australians

Alex Kidman 14 October 2016


That email warning you of your Netflix account being suspended is a fake, but it’s a clever fake.

Phishing, the term usually used for emails or other inquiries designed to fool you into handing over your personal or financial details, is nothing new, but it's getting smarter. A new warning from communications regulator the Australian Communications and Media Authority (ACMA) highlights that as we’re all becoming more aware of it, identity theft crooks are becoming ever more devious in their subterfuges.

ACMA notes a recent spate of emails purporting to come from Netflix, warning of an account suspension if the user doesn’t log into their account immediately. That’s using one of the most basic tools in the phisher’s playbook, designed to make you panic and react rapidly. Naturally, there’s a "handy" link in the email that you’re encouraged to click on in order to fix your locked Netflix account and ensure that the sweet, sweet flow of Luke Cage episodes continues undisturbed.

Where ACMA identifies the scam as "smart" phishing is in the increasing sophistication of the approach. The email looks genuine, and so does the URL and site you’re directed to if you do click on the embedded link, right down to using visuals from Netflix shows to make the login seem as authentic as possible. When you do log in, background scripts grab the details given and try to log into the actual Netflix service to verify your account, so if you do put in the wrong details, you’re even met with an authentic-looking error message. If verified, you’re presented with a form pre-filled with data scraped from your actual Netflix account and prompted for your billing details in order to "verify" your account.

Just in case it wasn’t clear, under no circumstances should you actually do this. The scam could give criminal types your personal and banking information.

What can I do to keep myself safe online?

You can usually tell a fake from the real thing by checking the URL, but this isn’t always easy depending on how you’re logging in, or how sophisticated the scam is.

For scams like this, there are a few steps you can take in order to keep your personal and banking details safe. The first and most obvious is that if you do get an email from any institution that holds your personal data, open up that service in a fresh browser window. Don’t click on any buttons in emails, because they’ll typically redirect to the fake-but-realistic-looking version of the website. If any action is required on your part, it should be replicated on the real site via its own communications systems, but if it’s not present then you can rest easy knowing it’s a fake. It’s also well worth ensuring you’re using a unique password for each service you use, because re-using passwords means that if you’re compromised, either via phishing or a data breach, other accounts will also be vulnerable. Where feasible and offered, adding two-factor authentication to your accounts can at least alert you if this kind of attack happens, so it’s wise to take it up as well.
