Phishing scams hit your inbox all the time—it’s under constant attack. As the Security Editor for MakeUseOf, I like to think I have a good handle on how to spot phishing emails. After all, I’ve seen enough in my time.
So when I nearly fell for a phishing scam with a Netflix lure, I was taken by surprise.
How I Nearly Fell For a Netflix Phishing Scam
If your inbox is like mine, you receive a steady stream of phishing emails. Most get tidied away by the auto-spam removal, and you don’t have to think twice about them. But the spam detection didn’t spot this one.
The sender address was support at Netflix.com, so it appeared to come from a regular Netflix account—more on this in a moment. Moreover, it was formatted in Netflix’s style and looked normal. The subject line was “Update Your Payment Method to Avoid Service Interruption.”
Now, here’s how I was almost tricked. Before opening my email account, I’d tried to sign into Netflix, but had some difficulties. When I signed in, videos wouldn’t load properly, and I couldn’t access my Settings or other account information. All in all, it was an odd situation.
So when the email landed in my inbox—with accidental perfect timing—the scammers almost had an in. Of course, I was wondering why my Netflix account wasn’t working, but the scammers couldn’t have known this.
However, I was still suspicious. I know there is money in the account that pays for the subscription, and I’d seen on my bank statement that I’d recently made a payment.
How I Spotted It Was a Phishing Email
So, I set out to figure out if this was a real Netflix email or if I was about to hand my banking information to scammers on a plate.
First, I hovered over the Update Now button displayed in the middle of the warning message. Sure enough, in the bottom-left corner of my email client, a URL that was nothing like Netflix’s appeared. Where you might expect to be directed to Netflix or similar, this Update Now button actually pointed to a post hosted on Truth Social, which understandably set alarm bells ringing.
Rather than click the link to see where it went, I right-clicked and selected Copy Link Location. Then I took the URL to a link checker to see whether it was dangerous: VirusTotal, where you can check whether a file, URL, IP address, or domain is known to be malicious.
On pasting the URL into VirusTotal, it revealed itself as something completely different, as seen in the image below. Eight of the security vendors VirusTotal works with flagged this new URL as malicious, either for malware, phishing, or similar.
Quite clearly, I’d received a phishing email using an expiring Netflix payment method as the lure. And I wasn’t that far away from clicking through due to my circumstances at the time.
How to Spot Phishing Emails Before You Get Scammed
Here’s the rub: phishing emails don’t have to be particularly complex to trick you into clicking the link. I’ve seen countless phishing emails over the years. This time around, I nearly clicked the link because I was in the middle of doing something else, and that something happened to match the phishing email’s lure.
But that’s generally how phishing emails work: sow just enough of a seed of doubt that you do click the link and follow through with your information. With scammers sending literally billions of emails per year, at some point, someone will get caught out.
When it comes to phishing emails, there are a few ways you can stay safe:
- Inspect the Content: Does the email claim you’ve won something? Is it offering an unexpected financial reward? You’re looking at a scam. Similarly, is the email from a service you haven’t signed up for or don’t have an account with? Again, you’re in scam town.
- Analyze the Link: Hovering over the link you’re meant to click will show the URL you’re about to open. In most email clients and web browsers, this appears in the bottom left of your screen. If the URL doesn’t match the sender, looks like a garbled alphanumeric string, or you’re simply unsure, just don’t click. You don’t lose anything by not clicking, but you risk losing everything by doing so. Shortened links are another big red flag that you’re looking at a phishing email.
- Check the Sender Email: You can also check the email address of the sender. The email I received looked like a legit Netflix address, right? Turns out, I was completely wrong. A quick internet search for “Netflix support account email address” showed me that Netflix doesn’t send from that address. This method works with most major companies, especially those that are likely to be used as phishing lures.
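The three checks above can be run mechanically over a message. This is an added example, not code from the article or from Netflix: it parses a constructed email modelled on the lure described here (placeholder sender, subject and link targets, not the real message), applies the hover check to every link, flags URL shorteners and display-text mismatches, and compares the From: domain against the brand the email claims to be from.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse
# Constructed sample modelled on the lure in this article; sender, subject and
# link targets are placeholders, not the real message the author received.
SAMPLE_EMAIL = """From: Netflix <support@netflix.com>
Subject: Update Your Payment Method to Avoid Service Interruption
Content-Type: text/html

<a href="https://bit.ly/placeholder-lure">Update Now</a>
<a href="https://social-site.example/posts/123">https://www.netflix.com/account</a>
<a href="https://help.netflix.com/">Help Center</a>
"""
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "ow.ly", "is.gd"}
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registered_domain(host):
    """Crude registrable-domain cut (last two labels); enough for this demo."""
    parts = (host or "").lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else parts[0]


def analyze_links(html, expected_domain):
    """Apply the hover check to every link: where does it really go?"""
    findings = []
    for href, text in LINK_RE.findall(html):
        target = registered_domain(urlparse(href).hostname)
        flags = []
        if target in SHORTENERS:
            flags.append("shortener")         # hides the final destination
        if target != expected_domain:
            flags.append("off-domain")        # hover would not show netflix.com
        shown = urlparse(text.strip()).hostname
        if shown and registered_domain(shown) != target:
            flags.append("display-mismatch")  # visible URL is not the real href
        findings.append((href, flags))
    return findings


def analyze_email(raw, expected_domain="netflix.com"):
    """Sender check plus per-link flags; any flag at all means do not click."""
    msg = message_from_string(raw)
    sender_host = parseaddr(msg["From"])[1].split("@")[-1]
    links = analyze_links(msg.get_payload(), expected_domain)
    return {
        # A matching From: domain proves nothing by itself; the header is attacker-controlled.
        "sender_domain_matches": registered_domain(sender_host) == expected_domain,
        "links": links,
        "suspicious": any(flags for _, flags in links),
    }
```

Note that the sample passes the sender check yet is still flagged on its links, which is exactly the pattern the article describes: the From: line looked right and only the hover check gave it away.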
Spotting phishing emails isn’t always easy. They’re not a monolith with the same red flags each time around. That’s why learning to spot some of the basic phishing email tells can save you a whole bunch of pain and financial loss, and is absolutely worth doing before you next open your inbox.