BUFFALO, N.Y. (WIVB) – A cyber-security company is warning Netflix customers to beware of a scam targeting credit card and personal information.
FireEye Labs posted a story this week about a phishing scam.
FireEye blogger Mohammed Mohsin Dalla reports that the scam email asks costumers to update Netflix membership information. A link in the email directs people to a page that looks at lot like an official Netflix login page, but it is not.
The fraudulent link will request your billing and credit card information, potentially putting your information in the hands of scammers.
Netflix has a section on its website about protecting yourself from phishing attempts.
The video streaming company says Netflix will never ask for personal information in an email–including payment information, social security number, or account password.MORE | Click/tap here for Netflix’s security tips.
That warning might have saved Becky Koprowski from a deep financial setback. She was scanning through her emails when she came across a message posing as Netflix, “It said your account is on hold, and it said that I had to update my current billing information.”
To update her account information, Becky clicked on a link that took her to an authentic looking website but it was bogus, “So when I clicked on the link, it brought me up to the ‘update account information’, and they just wanted the three security numbers on the back of your card. I did that.”
By filling out her user name and her password, Becky exposed her entire Netflix profile, including her credit card number. All the crooks needed was the CVV, or security code, on the back and when she gave them that, they could use the credit card for anything.
They scammers charged her $25.00 Netflix fee–which ironically, Becky had just paid—but the money likely went into a bogus account. Then the Riverside mom came across a story on the wivb.com website warning viewers of this kind of Netflix scam.
Becky is thankful for the warning, and now knows better than to turn over personal information based on an email–no matter how familiar it looks, “I would not have clicked on it,” she now says, “I just thought it was a legit email from Netflix.”
Fortunately, a scam that could have cost Becky thousands of dollars was limited to just $25, which some credit card companies might have covered, because banks are required to remove fraudulent credit card charges. That is the law, when the loss exceeds $50,and Becky’s bank is sticking to it.