There is a new sophisticated Netflix phishing attack you need to watch out for. They start out very pleasant, saying they have some trouble with your billing info, and pretty please with sugar on top need you to update your payment details. But if you fall for it, they will try to steal your login details, your credit card data, your picture and your ID!
Think Before You Click!
- Never click on a login link or an account verification link in an email. If there is one, bail.
- Check for the green HTTPS padlock. If there isn’t one, bail.
- If there is a padlock, check the name of the site. If it’s not exactly what you expect, bail.
- Don’t ignore telltales such as spelling and grammar errors. If it looks wrong, bail.
- Guard your ID closely. If you’re asked for a selfie or ID when it isn’t absolutely necessary, bail.
Let’s take a closer look.
(Note the simple trick, right there in the subject line, of not spelling out the brand-theft text “Netflix” exactly: the crooks wrote the X
as the Greek letter chi, so that Netflix
came out as Netfli?
.)
Next, you wind up here and that’s where they steal your credentials. But wait, there’s more…
Next, they steal your credit card data:
And trying to keep you on the hook, they throw in a Verfied by VISA page:
Then to add insult to injury, they make you confirm your identity by taking a selfie holding your identity card. Yikes!
An Apple scam is also going around.
Watch out for emails from Apple stating “someone has logged into your Apple ID from an unknown device.” It’s not real.