Watch out for this Netflix 'payment declined' phishing email scam

The message looks legitimate, and tries to trick users into giving up credit card info,

The Essentials

1. For the second time in recent months, Netflix's 110 million subscribers are being targeted by scammers with a very real-looking fake email.

2. First spotted by MailGuard, the email uses the Netflix logo and colors and uses the subject "payment declined." The body of the message explains Netflix couldn't authorize a card on file, and includes a link to update your card info.

3. That link brings you to a webpage that again uses the streaming service's branding (but is not a legit Netflix page), where there are fields to enter your email and card info.

What Else You Should Know

This is a clear attempt at a phishing email by using what MailGuard calls "brandjacking."

That's when an attacker sends a fraudulent email, but makes it look like it comes from a legitimate source – hoping you'll click over to a spoofed website and offer up private info, not realizing it's a scam.

A screengrab of another phishing email tweeted out is very thorough, saying it's an automatic email sent "during routine security checks" and including "Netflix Support Team" as the signature.

That information can be sold on the black market, used in identity theft, or leveraged to gain access to further accounts.


These are the 100 worst passwords of 2017 – do you use any of them?

So how do you spot a spoof email?

Check the sender's address. Looks for inconsistencies in your actual information and what the spoof email is saying. Scan for typos or formatting issues. Hover your cursor over links in emails to see where it sends you – or copy the link address and paste it into a document.

And never enter your payment information anywhere after following a link from an email, Netflix says.

The absolute safest thing you can do though is just go directly to the site in your browser. So in this case, go to, log in, and check your payment information.

If you do come across a possible phishing email, forward it to, the service asks.

And if you had a brain fart and gave up your info, change your Netflix password ASAP, change the password on all other accounts that you use the same password for, and call your bank/card company to let them know.

Next Up

Matt Dumba

Matt Dumba beats the clock to give Wild sixth straight win

Dumba scored as overtime came to a close for another Wild victory.

Karl-Anthony Towns

Bradley Beal terrorizes Timberwolves in loss to Wizards

Beal and the Wizards handed the Wolves their seventh straight defeat.

Marcus Carr / Gopher basketball

Gophers tourney hopes take another blow with loss to Nebraska

Marcus Carr scored a career-high 41 points, but Minnesota is still winless on the road.

St. Paul police

St. Paul police arrest teenage boy in carjacking crackdown

This comes amid a dramatic spike in Twin Cities carjackings.


Snow latest: Twin Cities set for up to 4 inches

A narrow system will travel across Minnesota overnight.

Blake Fredrick / Lake City Basketball

Lake City boys basketball player signs contract, honored on senior night

Frederick had a special call-up to the Tigers' varsity basketball team.


Man dies after being shot outside home near Grove City

He was found outside a home in Acton Township.

Screen Shot 2021-02-27 at 9.39.00 AM

Teen wounded in 'accidental shooting' in Moorhead

The 18-year-old was shot in the abdomen.

Kirill Kaprizov / Minnesota Wild

Watch: Another absurd night for Kaprizov as his legend grows

Kaprizov scored a crazy wrap-around goal in the Wild's victory over the Kings.


Netflix remembers every time you pause a show (and a lot of other info)

It sees you when you're binging. It knows when you hit pause.

Chipotle's payment systems were hacked – see if the one you go to was hit

Malware got into the register and card payment systems and scraped up info.

5 things you should take away from the Explore Minnesota Facebook page hack

What you should (and shouldn't) do to keep your accounts safe.

Watch the new Iron Fist trailer from Netflix's Marvel universe

The Iron Fist is the fourth piece of The Defenders – sort of a mini Avengers.

Facebook Messenger just made stalking your friends easier

Let your friends stare at you walking around in real-time for an hour.

Do you know when Uber is tracking your location?

We know apps collect data about us. But how much, and how is it being used?

Forever 21 says it was probably hit by a data breach

If you bought something there with a card, this might affect you.