Don’t worry, click into our spoofed webpage to supply your credit card and other personal details so we can rob you!
Since September this year, users of Netflix in 23 countries have been targeted in phishing scams aimed at stealing login credentials, personal information and credit card information.
SMS and email messages have been sent out to potential victims to deceive them with claims of unpaid subscriptions and imminent suspension of their accounts.
There have also been reports of customers in the US searching for the customer service helpline on the internet and ending up with a number run by scammers. One of the customers, believing the search engine result to be trustworthy, ended up losing US$1,200 to the fake helpline operators. One example cited by Bitdefender even featured a fake captcha screen (shown when users enter the fake login page) to give a more convincing impression that the user has clicked into an official website!
In Singapore, at least 35 cases of phishing scams have been reported since 1 October 2024, involving losses of at least S$40,000.
According to F-Secure, scams targeting users of the popular video streaming service have included:
- Fake notices of account suspension due to unpaid fees or other account monies
- Account expiry notices to trick subscribers into visiting a malicious link
- Notices of fake unusual login attempts
- Scams about free or discounted subscriptions
- Fake rewards, surveys, and gift card scams
- Job scams linked to the movie streaming firm
- Helpline scams involving fake customer contact numbers seeded in search engines, or even hacking into home networks via Smart TVs to pop up spurious alerts about account issues
Additionally, according to Darren Guccione, CEO and co-founder of Keeper Security, these emails “look convincing, with recognizable logos and design elements, making it easy for users to click on malicious links and end up on fake websites. These phishing sites typically use small but significant changes to the destination URL, such as replacing an ‘o’ with a ‘0’, or using a different domain extension like ‘.net’ instead of ‘.com’.”
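A mail filter or link checker can test for the two URL tricks described above. The following is an added example, not code from any vendor quoted here; `contoso.com` stands in as a placeholder brand domain, the sample URLs are constructed, and the digit map and the "last two labels" rule are simplifying assumptions.

```python
from urllib.parse import urlsplit

# Illustrative digit-for-letter swaps; not an exhaustive confusables table.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registrable(host):
    """Naive registrable domain: the last two labels.

    Assumption: no multi-part suffixes such as .co.uk; a production check
    would consult the Public Suffix List instead.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(url, legit="contoso.com"):
    """Classify a URL's host against the expected brand domain.

    Returns 'legitimate', 'lookalike-char', 'tld-swap',
    'lookalike-char+tld-swap' or 'unrelated'. 'unrelated' only means that
    neither trick matched, not that the URL is safe.
    """
    if "://" not in url:
        url = "//" + url  # let urlsplit find the host in scheme-less links
    host = urlsplit(url).hostname or ""
    domain = registrable(host)
    if domain == legit:
        return "legitimate"
    name, _, tld = domain.partition(".")
    legit_name, _, legit_tld = legit.partition(".")
    normalized = name.translate(CONFUSABLES)
    findings = []
    if name != legit_name and normalized == legit_name:
        findings.append("lookalike-char")  # e.g. '0' standing in for 'o'
    if normalized == legit_name and tld != legit_tld:
        findings.append("tld-swap")  # e.g. '.net' instead of '.com'
    return "+".join(findings) or "unrelated"


if __name__ == "__main__":
    # Constructed sample links, as they might appear in a message body.
    for link in ("https://www.contoso.com/account",
                 "http://c0ntoso.com/login",
                 "https://billing.contoso.net/pay",
                 "c0nt0s0.net/verify"):
        print(f"{link:40} {classify(link)}")
```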
Users of any commercial subscription service are equally vulnerable to such phishing and account-takeover scams. Netflix itself has clarified that they do not send unsolicited messages asking for payment or sensitive information. They stress that such communications should be flagged and reported.