Netflix users beware, hackers are now targeting subscription renewal process to steal money

Cyber scams are becoming a growing threat across the globe. Cybercriminals are adopting new ways to deceive netizens and dupe them out of money. In one such scam, Netflix users worldwide are being warned about a phishing campaign in which scammers are targeting the subscription renewal process to steal personal and financial information. Security experts have raised the alarm over this online scam, highlighting that it has affected users in 23 countries, including the United States, Germany, Spain, and Australia.
According to Bitdefender, the cybersecurity firm that flagged this scam, the new Netflix scam involves scammers sending fraudulent SMS messages claiming issues with Netflix account payments. These messages aim to create a sense of urgency, tricking users into clicking malicious links to resolve the alleged issue. Cyber security firm has also shared examples of such messages, including:
“NETFLIX: There was an issue processing your payment. To keep your services active, please sign in and confirm your details at: https://account-details[.]com.”
“Your last payment was declined. Update your payment information at: https://homepage-nflix[.]com.”
According to the report, these phishing messages are often tailored to different regions, using local languages and Netflix branding to appear legitimate. In some cases, they are riddled with grammatical errors, but many are polished enough to deceive unsuspecting users.
Once users click the provided link, they are redirected to a phishing website that mimics Netflix’s official login page. Here, cybercriminals collect sensitive data, including usernames, passwords, personal information, and credit card details. The stolen credentials are frequently sold on the dark web, putting victims at risk of financial fraud and identity theft.
Notably, Netflix has become one of the easiest targets for cybercriminals due to its popularity. Much like WhatsApp, which is one of the top messaging platforms, Netflix is currently one of the leading OTT platforms, making it an attractive target for hackers. Unlike platforms with two-factor authentication (2FA), Netflix accounts are more vulnerable to credential stuffing—a technique where hackers use stolen credentials from one branch to access accounts on other platforms.
While no specific cases have been reported in India, Netflix users are advised to remain vigilant and avoid falling for deceptive messages.
— Avoid clicking on links in unsolicited messages. If you receive an SMS or email claiming an issue with your Netflix account, manually type Netflix’s official website address into your browser to verify your account.
— Be cautious of messages with ultimatums or urgent demands. Legitimate companies rarely send messages with such tones.
— Check for red flags such as unknown sender IDs or unprofessional language. Even well-written messages should be approached with caution.
– If you click on such messages and enter your details, immediately change your Netflix password and the passwords of other accounts where the same credentials were used.