Netflix has become an everyday part of life for many of us, with its huge library of movies on demand and, increasingly, quality shows and features produced by Netflix itself.
With plans ranging from $7.99-$13.99 a month, though, the service isn’t necessarily cheap. That’s why when one member of Team Clark received an email purportedly from Netflix touting free service for 12 months, it seemed like an unexpected gift.
Then the alarm bells started going off.
How to tell a phishing attempt from a real email
Team Clark and Clark’s Consumer Action Center hear from folks every day who have already fallen victim to email phishing scams or are concerned they are about to be scammed, so we’re pretty good at this point and knowing them when we see them. Even the most sophisticated scams (the ones that, say, don’t involve huge sums of money and Nigerian princes) will contain red flags.
Let’s start the the subject line.
Yes, it looks like this email was sent by Netflix, but look at the language. Why is “Months” capitalized, but “free” is not? Simple discrepancies like this are often big giveaways that the sender may not be legitimate.
Also, if you think that a whole year of free Netflix (which would be worth at least $95.00) seems to be too good to be true, you’re on the right track.
Knowing what we were probably getting into, we opened the email.
Here’s where our suspicions were confirmed. Instead of coming from a Netflix address, the sender of this email was “Netflix via okl236.ikexpress.com.” Normally, scammers will at least attempt to do a decent impersonation of the email address of the company you’re supposed to be dealing with. No so in this case — this is very obviously spam.
Finally, we get to the body of the email:
Notice anything interesting?
Remember how they subject line of the email touted 12 months of free Netflix? Now the body of the email is offering a “6 Months Free Trial.” Not only is it a scam, it’s a bait and switch!
So, while there are a ton of red flags here, someone not paying close attention could easily open this email, click one of the options in the body and find themselves giving personal information to a crook. That’s why you should always be careful when you’re dealing with email.
Netflix themselves has advice in their FAQ related to scams like this, and it pretty closely mirrors the advice Team Clark has been giving out for years:
If you suspect you have received a fraudulent email or text message that appears to be from Netflix, follow these tips to keep your information safe and secure, and follow the steps below to report the message:
- Never enter your login or financial details after following a link in an email or text message. If you’re unsure if you’re visiting our legitimate Netflix website, type www.netflix.com directly into your web browser.
- Never click on any links or open any attachments in an email or text message you received unexpectedly, regardless of the source.
- If you suspect an email or text message is not from Netflix, do not reply to it. Follow the steps below to forward it to us.
Netflix asks that if you receive an email like this, you forward it to [email protected] and delete the email.
If you have already clicked on a link in a Netflix phishing email, the company says you should:
- Change your Netflix password to a new, unique one.
- Update your password on any websites you used the same email and password for.
- Contact your financial institution if any payment information was entered, as it may have been compromised.
Be careful out there!
More stories you might like from Clark.com: