Netflix phishing scam tricks consumers into calling fake tech support

netflix scamThere is a new scam going around aimed at stealing your files and personal information. If you use Netflix to watch movies and TV shows–and a lot of people do these days–you could be a target.

Scammers have been using malware to trick consumers into calling a fake Netflix tech support number, Better Business Bureau warns.

First, a popup appears when you log in to your Netflix account, warning you that your account has been “suspended due to unusual activity.” The popup includes a number to call, that connects you with people pretending to be with Netflix. A “technician” gives you instructions to allow him to “fix” the problem by downloading software that allows him to log into your computer remotely. Meanwhile, the scammer pokes around in your computer, downloads files that interest him and tries to get your credit card info so he can bill you for his “services.”

Users that are targeted will be led to a phony webpage that may resemble the Netflix login page. The Netflix users will enter their account information and the fake website will claim that the user’s account has been suspended. A fake customer service number is provided and a “representative” recommends the user download the “Netflix support software,” which is remote login software that gives the fake representative full access to the user’s computer.

There are three key indicators consumers should look for that show an email involved in this scam is not from Netflix: First, the phone number is not Netflix. Instead, the number belongs to a call center in India. Second, the webpage is a popup. Third, the “representative” wants to login to your computer via remote software.

If you experience any elements of this phishing scam, immediately hang up before you give away any secure information. Change your Netflix username and password immediately. If you use that same password for other websites, change those as well.

Here is some advice about how to avoid this scam and others like it:

  • Never let someone login to your computer remotely. When someone logs in, they can do anything you can do on your computer. They can access anything including personal and financial information. 
  • Do not click links in emails. It is better to type the address in the search bar manually.
  • If the URL seems odd, do not continue to go to the site. If it is a scam, it will most likely have an unusual URL. It will likely contain a common name but be accompanied by some jumbled letters or numbers.
  • Always look up the company’s phone number on their website. If you need to call a company, look it up on their official website. This can make sure that you are calling a legitimate number.

For more advice on scams, visit bbb.org