Be wary of the “Your Netflix Subscription Suspended Within 2 Days” scam email

“Your Netflix Subscription Suspended Within 2 Days” scam email is a phishing attempt that aims to steal users’ Netlfix login credentials. It’s a pretty low-effort phishing attempt and should be easily recognizable to users familiar with phishing attempts. The email claims that your account will be suspended in two days if you do not resolve a payment issue. If you click on the “Update my payment” button, you would be taken to a site resembling Netflix and asked to log in. If you type your information, it would be sent to the malicious actors operating this phishing campaign.

The phishing email informs users that there’s an issue with payment and that users have 2 days to resolve it. Otherwise, the Netflix account would be suspended permanently. Netflix does send similar emails when it’s unable to process payment so it’s not impossible that some Netflix users will fall for this phishing email. In a legitimate Netflix email, clicking on the link would take you directly to your account’s payment section, where you can add cards or retry with the same card. However, when you click on a Netflix phishing link, you would be taken to a site that only looks like Netflix and asked to log in. In addition to your Netflix login credentials, you may also be asked to provide your payment card information.

No matter how legitimate a Netflix phishing website may look, the URL will always give it away. Malicious actors can closely imitate a site’s design but copying the URL is not possible. So you should always check that URL is correct before logging in anywhere.

What are the signs of a phishing email?

Phishing emails usually target random users (or more specifically, users whose email addresses malicious actors were able to find on hacker forums), which is why they’re quite obvious most of the time. Phishing emails that target someone specific tend to be more sophisticated because malicious actors have more information about the target. But you’ll most likely be targeted only by generic phishing emails, which are quite low-effort.

The sender’s email address is the first thing you should check when you receive an email asking you to click on a link or open an attachment. The most generic phishing emails will be sent from very random email addresses. If you see an email address that’s made up of random combinations of letters and numbers, you can immediately classify the email as malicious. But in some cases, the email addresses may seem completely legitimate. It’s highly recommended to research senders’ email addresses before interacting with the emails. You can use a search engine to look into whether an email address actually belongs to whomever the sender claims to be.

For whatever reason, phishing emails are often full of grammar/spelling mistakes. Maybe it’s because malicious actors are usually non-native English speakers, or because the mistakes weed out more cautious users, but the mistakes are usually very obvious. In this particular case, the issue is the awkward phrasing used in the email. Netflix would certainly not send you an email that says “Your Netflix subscription suspended within 2 days”. Emails from big companies like Netflix, especially automatic emails, will never contain mistakes because they look very unprofessional.

Phishing and other malicious emails usually address users with generic words like Customer, Member, User, etc. Malicious actors do not have access to personal information like a name, so they’re forced to use generic words. Take the below image as an example of a Netflix phishing attempt. Not only does it address users as “Customer”, but it also has a mistake in the very first line. If you use Netflix, you will have noticed that the company always addresses users using the names set for the main profiles. It does not use generic words because it would make the emails seem less personal.

Before clicking on links in emails, you need to make sure they’re not malicious. Hover over the link/button with your mouse, and the URL will appear at the bottom. If the URL looks at all suspicious, do not click on it. In general, it’s best to not click on links in emails at all. If an email asks you to do something with your account, access the account manually instead of clicking on a link in an email.

“Your Netflix Subscription Suspended Within 2 Days” scam email removal

You can remove “Your Netflix Subscription Suspended Within 2 Days” scam email from your inbox if you happen to get it. But it’s very likely that your email address has been leaked so you’ll receive more phishing/malicious emails in the future. If you fell for this Netflix phishing campaign and provided your login credentials, you need to change your Netflix password immediately. If your account has been hijacked, try contacting Netflix. If you cannot recover it, contact your bank to cancel your payment card to avoid being charged when you can no longer use your Netflix account.