Netflix subscribers are the latest targets of a new phishing scam trying to trick users of the streaming service into thinking that accounts are in danger of being suspended.
Email recipients receive personalized notices informing them that their billing information needs to be updated and they must “restart their membership.” The bogus email includes a link to a fake Netflix website that asks users to log in and then enter various types of personal information.
"Of course, this website is completely bogus and is just a mechanism for the scammers to steal the victim’s identity and credit card information,” according to MailGuard, an Australian tech privacy company that included a screenshot of the scam email, which features the subject line, 'Your suspension notification,'" in a blog post Friday.
Netflix, which has has more than 109 million worldwide subscribers, couldn't provide details about how many of its users may have received the email.
Deadline reported the scam targeted "millions" of subscribers.
MailGuard called the phishing scam “relatively well designed” because of its ability to generate “individualized messages with specific recipient data.”
“This works like a mail-merge; the body of the email is generic, but the sender field is designed to show the name of the intended victim, which personalises the scam making it more convincing,” MailGuard said.
Netflix provided a statement Monday assuring that it takes “the security of our members’ accounts seriously.” It also noted that phishing scams have become a regular problem for online-based products and companies.
“Netflix employs numerous proactive measures to detect fraudulent activity to keep the Netflix service and our members' accounts secure,” the company's statement said. “Unfortunately, these scams are common on the internet and target popular brands such as Netflix and other companies with large customer bases to lure users into giving out personal information."
Netflix also referred users to its website's security page to learn more about keeping personal information safe, or suggested contacting its customer service department directly.