Many people in Germany have subscribed to at least one streaming service. The high number of users is tempting for fraudsters who keep trying to get hold of private data with fake emails and text messages.
According to Statista, by the end of 2022, Netflix was counting whopping worldwide 230 million Subscribers, at least there were at Disney+ 164 million. The major streaming services, which also include Amazon Prime Video and Wow in this country, but also RTL+ and Joyn, offer a wide range of targets for fraudsters. New phishing attempts are constantly appearing – sometimes in the form of e-mails, sometimes in the form of SMS. TECHBOOK provides information about the current phishing threats for users of streaming services.
Alleged customer service emails from Disney+
Disney+ users should exercise extra caution at this time. Because scammers are currently sending emails in the name of the streaming provider’s customer service. The email notifies subscribers of an alleged payment issue that could not be resolved. The Disney+ account will thus be cancelled. Those who wish to continue accessing the content must reactivate the subscription, the email said.
As the consumer advice center warns, the email is a phishing attempt on behalf of the streaming provider. Recipients should therefore under no circumstances click on the attached link and enter data there. The fact that users are addressed directly in the email should not unsettle them either. If you take a closer look, you will even see some errors in the phishing mail from the alleged streaming provider. The word “Halo” is misspelled and the e-mail is generally very vague. It should therefore be moved directly to the spam folder.
Scammers want credit card details with fake Netflix email
But even Netflix users are not safe from the phishing mails on behalf of the streaming providers. Recently, a fake email circulated asking Netflix users to update their payment information. The email contained the subject “Netflix.DE: You have an action to complete” and came from the sender “Customer Service”. The scam is quite similar to that of Disney+.
At first glance, the email looks legitimate as it contains both the Netflix logo and typical elements such as red buttons, and is also written in the correct font and without any spelling mistakes.
According to the email, the subscription has been suspended due to the “payment for the next billing cycle [des] Failed to authorize subscriptions”. To go back to “all […] To be able to access benefits”, the user should update the payment information. However, a red button with the content “Identify” leads to a replica Netflix page. If you enter your credit card details there, they end up in the hands of scammers.
Also read: Fraud at Sparkasse, Postbank, DKB: Beware of the current scams
How to unmask fake e-mails from streaming providers
Although the current e-mails are mostly elaborately recreated in the style of the streaming providers such as Netflix, Disney+ or Wow, a closer look reveals a few inconsistencies. It is not uncommon for passages to be found that are written in very crude German. The information about the alleged reason for the blocking is often very vague and spelling mistakes creep in again and again.
Here you can test how well you can tell legitimate emails from fake ones.
What affected users should do
In its help center, the streaming provider Netflix specifically addresses phishing attacks in the form of emails and SMS. The company advises to check the link from the email or SMS carefully. You can do this by right-clicking and “copy link address” or simply move the mouse cursor over the link. If you have already opened the link and an unknown URL appears, you should under no circumstances enter your information. If you have received a suspicious email or text message, you can use the [email protected] report to Netflix.
Phishing emails on behalf of the streaming provider are also an issue at Disney+. On his help page the provider emphasizes that it will “never actively ask customers for personal information in this way”. The exception is when users contact Disney themselves and this data is needed to solve a problem. “If you receive an email or phone call from an organization claiming to be Disney asking you to provide this type of personal information or Disney+ account details, for your safety, do not respond,” the provider said.
If you have already entered login or credit card information, you should change the Netflix password immediately. If you use the same combination of email address and password on other websites, you should also change the passwords there. Inform the financial institution and, if necessary, have the credit card blocked if you have entered the data for this. TECHBOOK also recommends filing criminal charges.