With 269 million paid subscribers globally, Netflix is a target-rich streaming service that scammers love to impersonate. But what do they gain from stealing your Netflix account information? It isn’t to control your account like you may think — but to access your payment details and personal information.
Netflix customers are increasingly being targeted by convincing phishing emails that appear to be from Netflix, seeking data and financial gain. From Netflix scam emails to malware, scammers use a range of tactics to lure you into entering your Netflix passwords or providing debit card details. And the vast majority start with phishing emails or text messages. Here are seven Netflix scams that criminals use to try to trick you.
1. Netflix account suspension scams
Sending mass phishing emails to email addresses often obtained from data breaches or bought in bulk on the dark web, scammers inform victims that their Netflix account has been suspended because they’re having trouble processing a payment with the current billing information. They then ask the victim to click a button to update their payment details or verify account information, but this leads to an imposter Netflix website designed to steal sensitive personal data. Netflix account suspension scams are also commonly used in smishing attacks.
2. Unusual login attempt scams
Many people have received a “suspicious activity on your account” email at some point. Even Netflix sends emails like this letting people know when someone has signed into their account in a different place or on a different device. So, it’s the perfect opportunity for scammers posing as Netflix to try to dupe people with a phishing email scam. This Netflix scam email uses the “unusual login” scare tactic to get potential victims to click a malicious link and enter their account information to “secure their account” before thinking.
3. Free or discounted membership scams
We all love freebies and the adrenaline rush that comes with securing a good deal — and scammers know it. So, they’re capitalizing on our desire for a bargain in this Netflix email scam. Through phishing emails designed to look like they’re from Netflix, scammers send victims details of a fake competition to win a year’s free membership or say that they’ve been selected for a special discount on their membership. The email then directs victims to a fake competition or confirmation page for them to enter their personal details.
4. Netflix subscription expiry scams
“Your account has expired!” is a common narrative created by scammers. They’ll tell potential victims that Netflix is unable to “auto-charge” them, so they must enter their banking details to “restart” their membership. But it’s perhaps not the most well thought through tactic. Netflix accounts don’t expire. Monthly billing is automatic, so your account will only end when you cancel it. Any email or SMS suggesting otherwise is fake — so they’re relying solely on fearmongering for this one.
5. Netflix rewards, surveys, and gift card scams
It’s not uncommon for brands to send out surveys. Sometimes in exchange for something — like a gift card or entry into a prize draw — but most often, they rely on people wanting to share their experience with a product. Scammers know that most people expect to receive these types of emails from brands, so they’ve taken the opportunity to send out fake ones mimicking brands. The email will claim that Netflix is offering free subscriptions or gift cards upon completion of the survey, but the link to the survey is just a front for a malicious site which captures personal information and payment details.
6. Hacked smart TV scams
Using a combination of techniques such as phishing, malware and remote access, this Netflix scam targets victims’ home networks. Scammers insert pop-ups into their victim’s smart TV or smart streaming device informing them of a problem with their subscription, or in connecting to Netflix on the device, and prompt them to call a phone number to resolve the issue.
When the victim calls the number, the scammer — pretending to be a customer service representative or IT administrator — asks the victim to allow them to either remotely access their device, to click a link provided, or to pay an activation fee. Either way, they’re looking for your money, personal information, or access to all devices on your home network. To keep yourself safe, look up any phone numbers provided before calling them, don’t click any potentially suspicious links, and never let anyone control your device remotely.
7. Fake Netflix job scams
Fake job scams are unfortunately very common, even on well-known platforms like LinkedIn and even impersonating internationally recognized companies like Google, Meta, Apple, and Netflix.
To lure potential victims in, scammers create fake Netflix job postings offering competitive salaries and post them to online jobs boards and on social media sites. All job seekers must do is fill out an application form — but this form asks for sensitive information such as their Social Security number and financial details. Scammers may also ask victims to pay for fake background checks or will send official-looking documents which have hidden malware or ransomware.
How to identify a Netflix phishing email
At first glance, a Netflix scam email could pass as a legitimate communication from Netflix. Featuring the Netflix logo, font, brand colors and email footer, the resemblance can be uncanny — but there are several things to look out for to single out suspicious emails:
Spelling and grammatical errors
Unofficial email addresses (genuine addresses will end in “netflix.com”)
Destination URLs leading to sites other than Netflix’s official website
To see destination URLs, hover over the link on desktop or hold down on the link on mobile. If the scammer uses a shortened URL such as Bitly, use an online service like GetLinkInfo to see the full URL of the page. If it doesn’t lead to Netflix’s website, it’ll most likely be a malicious site created by scammers.
How to protect your Netflix account from scammers
Netflix will never ask you to share personal information in an email or text message. This includes Netflix passwords, credit or debit card information, and bank account details. To keep yourself safe:
Use unique and strong passwords for each online account that you have and enable two-factor authentication (2FA) when possible.
Refrain from clicking links in emails and text messages. Instead, go directly to your account in the app or on a browser and check for any communications there. If a similar message isn't in your account, it’s likely that you received a phishing email or SMS from a scammer.
Use an online security solution such as F-Secure Total, which guards your devices with award-winning antivirus software and browsing protection.
What to do if you click a phishing link or enter personal information
If you receive a suspicious email or SMS claiming to be from Netflix, forward it to phishing@netflix.com and then delete it and block the sender. If you accidentally clicked on a link:
Change your Netflix password to a strong and unique one not used elsewhere.
Change your passwords for any other accounts if you’ve used the same or a similar one.
If you entered any credit, debit or bank account details, contact your bank immediately.