Netflix Phishing Campaign

The NJCCIC has detected a phishing campaign designed to steal credentials and financial payment card information associated with Netflix accounts. Emails related to this campaign contain subject lines such as “Netflix: Update your payment details” and “Your Netflix Membership is on hold,” and attempt to entice recipients into clicking on the embedded link by suggesting there are problems with their memberships including billing issues or account suspensions. The URL link provided in the body of the email directs users to sites that spoof Netflix’s authentication page. The spoofed sites are designed to steal users’ credentials before eventually sending the users to Netflix’s correct authentication page. The NJCCIC recommends never using links provided in unsolicited emails to visit websites requiring the input of account credentials. Users who receive unexpected or unsolicited email requests from known senders inviting them to click on a link or open an attachment should always verify the sender via another means of communication before taking any action. If users have questions or concerns regarding their accounts, we advise logging into Netflix directly through the company’s legitimate URL.