Netflix users targeted by ‘extremely sophisticated’ phishing attacks

Scam uses fake Netflix branding to fool customers into giving payment details

Netflix users should be on their guard as a phishing attack targets members of the streaming site.

The scam has been described as “extremely sophisticated”, using fake Netflix branding to fool customers. The email attempts to redirect customers to a fake website styled as a genuine Netflix page to update payment details by claiming there has been a problem processing their card.

The website even uses the padlock icon that consumers are generally told to look for to ensure data they are sending through the website is secure.

John Shier, senior security adviser at Sophos, said internet users who received such a link in an email should always look at the URL before clicking it.


“Before you click, hover on the link if you’re on a computer or hold down the link on your phone and you should see the full URL appear,” he said. “Bear in mind that just because the URL has a padlock icon next to it or starts with ‘https’ doesn’t mean it’s safe. As a rule of thumb, if you aren’t sure if it’s genuine just delete it straight away.”

Another thing to be wary of is typosquatting, where criminals take a popular online brand and change one letter or two to trick you into clicking, Mr Shier said. He also warned shoppers to be aware of the wireless networks they were using for buying online, recommending that they stick to secure networks, and to use payments services such as Paypal where available rather than a credit or debit card.

Ciara O'Brien

Ciara O'Brien

Ciara O'Brien is an Irish Times business and technology journalist