No, your account is not suspended: this email is a scam to empty your bank account

If you receive an email informing you that your Netflix account will be suspended, do not click on the link it offers, despite the apparent legitimacy of the message. This is a scam that aims to steal your username and password, as well as your credit card details, no more and no less.

Netflix phishing attempts are rife on the web today. As proof, this message was received by some of our readers, who immediately alerted us, and also by one of the members of the editorial staff. An email informs the user that his Netflix account will be suspended because the platform was unable to make its monthly debit. He then has 48 hours to rectify the situation, otherwise his Netflix account will be permanently closed. To top it off, the sum of €9.90 for closing costs will also be billed.

To solve the problem and “restart the subscription”, he must connect to a home page that looks exactly like that of Netflix. Nothing has been left to chance: the fraudulent site reproduces that of the platform in great detail. The site asks subscribers to enter their username and password in order to connect to the streaming site. From then on, the hackers behind this fraud have your login information. But the phishing attempt doesn't stop there.

Netflix vs. phishing site
On the left the official Netflix site, on the right the fraudulent site. The copy is perfect.

No, your Netflix account will not be suspended for non-payment

On the next page, we see the following message: “You have a payment default. The last payment for your Netflix subscription has been declined through our anti-fraud system. The functionality related to your account is limited for the moment, until the moment when the missing information is filled in.” It is almost convincing, were it not for the small spelling errors in the terms “features” and “where”, but who is actually going to pay attention?

Pressing the Continue button takes you to a web page that asks you to enter various personal information: name, first name, date of birth, telephone number, address, postal code and city. And it is on the last page that things really go wrong, since you are required to enter your credit card number, its expiration date and CVV security code. That gives the hackers free rein to make any type of payment on the Web and thus drain the victim’s bank account.

Netflix site phishing

A fake Netflix site “larger than life” that wants to steal your banking information

Although this new phishing attempt resembles the wave of emails that we mentioned a little while ago, which make you believe that your Netflix subscription has expired, the means and the method differ. Here, the pretext is a forthcoming account suspension and the threat of a penalty of €9.90 for administrative fees. Incidentally, one may wonder how the supposed streaming site would be able to withdraw this amount from the user’s bank account, since a problem with the bank details is precisely the source of the problem.

But above all, the hackers have really refined their technique, since very few clues suggest a scam attempt. First, they made sure that the email was as credible as possible and was not detected by anti-phishing tools. As of this writing, the scam attempt has managed to slip past Gmail, as well as the Thunderbird email client.

Netflix site phishing

Second “exploit”: once on the site supposed to solve the problem, none of the browsers that we tested (Edge, Chrome, Firefox and Safari) warns about the hacking attempt. In addition, the site presents itself as legitimate and displays a secure connection, which makes it easier to gain the trust of the user. Finally, its designers go so far as to send the user to the official Netflix FAQ and terms of use. Even the phone number that appears at the bottom matches that of the famous streaming platform. Everything is there to overcome the user’s mistrust.

How to avoid falling into the suspended Netflix account trap

Despite the tools put in place by email services, some phishing emails manage to get past the barriers and fool users, as is the case here. To avoid falling for it, here are some tips:

  • Always check the sender of an email in your online service or your email client. In this case, the email does not come from Netflix, but from a certain mailbox with the domain name xd-twin.io.
  • Take a look at the URL displayed in the browser. In this case, of course, it is not Netflix.com, or even anything resembling it.
  • Rather than clicking on the link in the fraudulent email, manually log in to your Netflix account. It is in the Account section that you can check the status of your subscription and manage payment information, and nowhere else.
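
The first two tips can also be applied mechanically to a saved message. The Python sketch below is an added example, not part of the original article: it compares the sender's address domain and the host of every link against a trusted list. The `TRUSTED` set, the sample message and the link host `secure-login.example` are constructed assumptions; only the sender domain xd-twin.io comes from the article.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"netflix.com"}  # assumption: domains the reader treats as genuine

def is_trusted(host):
    """True only if host is a trusted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    # Suffix match on a label boundary; a substring match would be wrong.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def audit(raw):
    """Return findings for one raw email (empty list means nothing flagged)."""
    msg = message_from_string(raw)
    findings = []
    # The display name ("Netflix") is free text; only the address counts.
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not is_trusted(domain):
        findings.append(f"sender domain: {domain}")
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for url in collector.links:
        host = urlsplit(url).hostname
        if not is_trusted(host):  # https alone says nothing about who owns the site
            findings.append(f"link host: {host}")
    return findings

# Constructed sample: Netflix display name, foreign address, one genuine FAQ link.
SAMPLE = """From: Netflix <billing@xd-twin.io>
Subject: Your account will be suspended
Content-Type: text/html; charset=utf-8

<p>Payment declined.</p>
<a href="https://secure-login.example/netflix">Restart the subscription</a>
<a href="https://help.netflix.com/">FAQ</a>
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The genuine FAQ link passes the check while the sender and the login link are flagged, which matches the article's observation that the fake site mixes real Netflix links with its own pages.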
