Beware of phishing scam: Your Netflix subscription has not expired!

by Lorraine Williamson
Netflix phishing scam


A phishing campaign has been identified that aims to acquire credit card and personal data from unsuspecting individuals. Recipients get a malicious email informing them that their Netflix subscription has expired.

The email, which is in Spanish, promises a free 90-day extension, luring users into a trap where they are prompted to enter personal and banking information in a form.

If you have received such an email but haven’t disclosed any information, mark it as spam and delete it from your inbox immediately.

However, if you have already entered your credit card details or personal information into the provided form, it is crucial to contact your bank immediately. Inform them of the situation so they can take the necessary measures, including the potential cancellation of the entered card.


Here are some additional steps you should take:

  • Regularly review your account statements to spot any unauthorised charges and act promptly.
  • Gather evidence of the fraud by saving emails and screenshots of the process. Online tools can be used to document this evidence.
  • Conduct an ‘egosurfing’ search to check if your personal or banking data has been exposed. If so, follow the process provided by the Spanish Data Protection Agency (AEPD) to request removal under the “right to be forgotten” principle.
  • Adhere to the security recommendations of the Oficina de Seguridad del Internauta (OSI) to safeguard yourself against similar fraudulent activities.

Key Points:

The fraudulent emails can be identified by their subject lines, such as:

  • “Extend-Your-Free-Account”
  • “Confirmation”
  • “Enjoy a 90-day Free Extension of Netflix.”

The email claims that the user’s subscription has expired and offers a 90-day extension for free, requiring only credit card details for activation, with an assurance of no charges being applied. Moreover, the message contains a link through which the victim is directed to enter their details.

However, the email is poorly written and contains spelling errors and formatting mistakes.

Furthermore, the sender’s address is not an official Netflix address, and the domain does not belong to Spain. Clicking on the provided link displays Netflix logos and the same offer mentioned in the email. An “Extend for Free” button leads users to input credit card details to allegedly validate their user account.

The URL does not correspond to the official Netflix page and, in this case, the presence of ‘https’ does not guarantee authenticity.
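
For readers who filter mail for a household or small office, the warning signs above can be checked automatically. The following is an added example, not part of the original article or any Netflix tooling; it assumes netflix.com is the only domain treated as official, and the two sample messages and the names used in the code are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Subject lines quoted in the article (a weak signal on their own).
KNOWN_SUBJECTS = {"extend-your-free-account", "confirmation",
                  "enjoy a 90-day free extension of netflix."}
OFFICIAL_DOMAIN = "netflix.com"  # assumption: the only domain treated as official

def is_official(host):
    """True for netflix.com or a genuine subdomain, not a lookalike."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def indicators(raw_email):
    """Return which of the article's warning signs one message shows."""
    msg = message_from_string(raw_email)
    hits = []
    subject = (msg.get("Subject") or "").strip().lower()
    if subject in KNOWN_SUBJECTS:
        hits.append("known_subject")
    from_header = msg.get("From") or ""
    sender_host = parseaddr(from_header)[1].rpartition("@")[2]
    # Only judge the sender when the message presents itself as Netflix.
    if "netflix" in (from_header + subject).lower() and not is_official(sender_host):
        hits.append("sender_not_netflix")
    # Plain-text parts only; transfer-encoded bodies are not decoded here.
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    hosts = [urlparse(u).hostname for u in re.findall(r"https?://[^\s\"'<>]+", body)]
    # An https link proves nothing about who owns the host.
    if any(not is_official(h) for h in hosts):
        hits.append("link_not_netflix")
    return hits

# Constructed samples (example.net is a reserved documentation domain).
PHISH = """From: Netflix <soporte@netflix.com.example.net>
Subject: Extend-Your-Free-Account

Your subscription has expired. Extend for Free:
https://netflix-renew.example.net/extend
"""
LEGIT = """From: Netflix <info@account.netflix.com>
Subject: Your receipt

Manage your plan at https://www.netflix.com/youraccount
"""

if __name__ == "__main__":
    print(indicators(PHISH), indicators(LEGIT))
```

The lookalike host netflix.com.example.net is rejected because the check compares the end of the hostname, not whether "netflix.com" appears somewhere inside it.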


