1. For the second time in recent months, Netflix's 110 million subscribers are being targeted by scammers with a very real-looking fake email.
2. First spotted by MailGuard, the email uses the Netflix logo and colors and carries the subject line "payment declined." The body of the message explains Netflix couldn't authorize a card on file, and includes a link to update your card info.
3. That link brings you to a webpage that again uses the streaming service's branding (but is not a legit Netflix page), where there are fields to enter your email and card info.
What Else You Should Know
This is a clear phishing attempt that uses what MailGuard calls "brandjacking."
That's when an attacker sends a fraudulent email, but makes it look like it comes from a legitimate source – hoping you'll click over to a spoofed website and offer up private info, not realizing it's a scam.
A screengrab of another phishing email tweeted out is very thorough, saying it's an automatic email sent "during routine security checks" and including "Netflix Support Team" as the signature.
Private information handed over this way can be sold on the black market, used in identity theft, or leveraged to gain access to further accounts.
So how do you spot a spoof email?
Check the sender's address. Look for inconsistencies between your actual information and what the spoof email is saying. Scan for typos or formatting issues. Hover your cursor over links in emails to see where they send you – or copy the link address and paste it into a document.
And never enter your payment information anywhere after following a link from an email, Netflix says.
The absolute safest thing you can do though is just go directly to the site in your browser. So in this case, go to Netflix.com, log in, and check your payment information.
If you do come across a possible phishing email, forward it to firstname.lastname@example.org, the service asks.
And if you had a brain fart and gave up your info, change your Netflix password ASAP, change the password on all other accounts that you use the same password for, and call your bank/card company to let them know.