Jim Fisher has a really nice write up about a potential scam. There are several good tips in his post. This also highlights the importance of being vigilant.
I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account.
He did the right thing in checking the source of the email, but even that was legitimate.
“Odd,” I thought, “but OK, I’ll check.” The email is genuinely from
netflix.com, so I clicked the authenticated link to an “Update your credit or debit card” page, which is genuinely hosted on
netflix.com. No phishing here. But hang on, the “Update” page showed my declined card as
**** 2745. A card number I don’t recognize. Checking my records, I’ve never seen this card number. What’s going on?
The crux of the scam is to create an account on Netflix and hope that the “real” owner of the account doesn’t notice the billing. However, this is just one way to potentially scam folks. This kind of information could be used in a variety of ways to scam individuals.
I don’t necessarily agree with everything that he says, (Netflix really should do a better job of confirming that you actually have control of the email account), but the message is important.
Just another reminder that in today’s world, it is truly important that you understand what is happening and why.
(*By the way, although the “dot” trick will work with generic Gmail addresses, it will NOT work with our work set up).