Please be advised of a Netflix phishing scam warning that “Your account is on hold” and asking you to update your payment information via an embedded “Update Account Now” link. The following is a sample of this phishing message.
Please be reminded:
- that an email from a familiar company requesting credential input or an update of payment/account information via an embedded link is a common scam tactic designed to steal your sensitive information.
- to be suspicious of unexpected links and attachments in email, text messages and social media messaging. Always be sure that you are visiting a legitimate (vs. spoofed) website by typing a site URL directly into your browser’s address bar.
- to scan messages for expected tone/language and grammar usage. For example, the message above employs a salutation of “Hi Dear”, which is not a salutation Netflix would use and suggests that if you need help, you should visit the Help Centre (vs. Center).
- that @nyu.edu email accounts are protected by URL Defense, which automatically rewrites URLS in all incoming external email message and protects you at the time you click a link by blocking malicious sites. Please see URL Defense FAQs for more information.
If you were a victim of this scam, it is recommended that you:
- contact the financial institution associated with the payment information you entered as this information has been compromised.
- change your Netflix password. If you use the same password on other accounts (not a recommended practice) change these passwords as well.
- report it to: phishing@netflix.com and the FTC at spam@uce.gov.