Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Netflix phish?
Old 02-03-2017, 01:26 PM   #1
Thinks s/he gets paid by the post
gcgang's Avatar
 
Join Date: Sep 2012
Posts: 1,197
Netflix phish?

I just received an email, saying I paid $97 for 3 months of Netflix, and if I wanted to cancel, to click below.

My 16 yr old daughter uses Netflix, and when I contacted her said that she paid less than $10 per month, so I clicked below to cancel. Entered my Apple ID and was taken to a screen that asked for EVERYTHING - birthdate, SSN, etc.

At this point I stopped, and I forwarded the email to my daughter. It came to her with a red warning on top of the email saying it was suspicious.

I then changed my Apple password, which hadn't been done in several years, and am somewhat anxiously monitoring things.

Not sure if I'm really paying the $97 to Netflix, but consider that the least of my problem, and I'll figure it out later.

Anyone else run into this? Seems like the "best" phish I've encountered, if that's what it really was.
__________________

__________________
In theory, there's no difference between theory and practice. In practice, there is. YB
gcgang is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 02-03-2017, 01:49 PM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 21,977
Wow - good phish!
__________________

__________________
Retired since summer 1999.
audreyh1 is offline   Reply With Quote
Old 02-03-2017, 01:52 PM   #3
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
REWahoo's Avatar
 
Join Date: Jun 2002
Location: Texas Hill Country
Posts: 45,125
Why would an email from Netflix need your Apple ID as part of a response to cancel? That alone would seem to be a huge red flag.
__________________
Numbers is hard

Charter resident of the lumpen slums of cyberspace

Retired in 2005 at age 58, no pension
REWahoo is offline   Reply With Quote
Old 02-03-2017, 01:53 PM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 21,977
Quote:
Originally Posted by REWahoo View Post
Why would an email from Netflix need your Apple ID as part of a response to cancel? That alone would seem to be a huge red flag.
If they subscribed via Apple TV - maybe.
__________________
Retired since summer 1999.
audreyh1 is offline   Reply With Quote
Old 02-03-2017, 01:56 PM   #5
Administrator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Chicagoland
Posts: 29,084
Quote:
Originally Posted by gcgang View Post

Anyone else run into this? Seems like the "best" phish I've encountered, if that's what it really was.
I've received a couple of "thanks for your payment of $xxx" which were not ours. In those cases I check the payment accounts to see if there are unusual transactions. I'm very careful with links in emails and rarely open them.
MichaelB is offline   Reply With Quote
Old 02-03-2017, 02:04 PM   #6
Thinks s/he gets paid by the post
exnavynuke's Avatar
 
Join Date: Sep 2016
Location: Acworth
Posts: 1,154
The very first thing I do when a "company" sends me an email about my account(s) is to independently log on to my account with that company (i.e. go to www.netflix.com or www.amazon.com etc) and check to see if there's any reason to believe the email. I NEVER click email links unless I'm 100% sure that it is safe to do so (I'd click a link to reset my password only if I had just requests a password reset for instance).
exnavynuke is offline   Reply With Quote
Old 02-03-2017, 02:21 PM   #7
Moderator Emeritus
Bestwifeever's Avatar
 
Join Date: Sep 2007
Posts: 17,343
Run your antivirus program asap too.
__________________
“Would you like an adventure now, or would you like to have your tea first?” J.M. Barrie, Peter Pan
Bestwifeever is offline   Reply With Quote
Old 02-03-2017, 03:04 PM   #8
Full time employment: Posting here.
 
Join Date: Jun 2013
Posts: 790
I always hover over the URL to see if it's legit before clicking on it.
Which Roger is offline   Reply With Quote
Old 02-03-2017, 03:14 PM   #9
Full time employment: Posting here.
ProspectiveBum's Avatar
 
Join Date: Sep 2006
Location: SoCal
Posts: 719
Quote:
Originally Posted by Which Roger View Post
I always hover over the URL to see if it's legit before clicking on it.


Ditto, although you have to really read the URL carefully to ensure it isn't a phishing site. The URL may look something like account.netflix.{somethingunusual}.com.

It's the bit directly before the .com (or .org, .net, etc.) that you care about. If that doesn't look legit, you can paste the URL into the URL search at phishtank.com to see if it's been previously reported.
__________________
I can't complain, but sometimes I still do.
- Joe Walsh
ProspectiveBum is online now   Reply With Quote
Old 02-03-2017, 03:14 PM   #10
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 4,960
Gcgang, that's unfortunate. Even experts get phished. Your email provider should be catching obvious stuff. If you had web protection, that would have stopped the first page from loading.
target2019 is offline   Reply With Quote
Old 02-03-2017, 08:01 PM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 21,027
Quote:
Originally Posted by exnavynuke View Post
The very first thing I do when a "company" sends me an email about my account(s) is to independently log on to my account with that company (i.e. go to www.netflix.com or www.amazon.com etc) and check to see if there's any reason to believe the email. I NEVER click email links unless I'm 100% sure that it is safe to do so (I'd click a link to reset my password only if I had just requests a password reset for instance).
Absolutely. If people would just do this there would not be a problem.

Far too may articles will give all these things to look for to determine if it is legit (bad grammar, misspelled words, etc) - forget it, if you didn't clearly expect it, assume it is NOT legit. Problem solved.

After the fact, follow other suggestions as far as changing passwords, virus scan, etc.

-ERD50
ERD50 is offline   Reply With Quote
Old 02-03-2017, 08:37 PM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
harley's Avatar
 
Join Date: May 2008
Location: Following the nice weather
Posts: 7,104
Quote:
Originally Posted by exnavynuke View Post
The very first thing I do when a "company" sends me an email about my account(s) is to independently log on to my account with that company (i.e. go to www.netflix.com or www.amazon.com etc) and check to see if there's any reason to believe the email. I NEVER click email links unless I'm 100% sure that it is safe to do so (I'd click a link to reset my password only if I had just requests a password reset for instance).
+many. I did that just today. I got an email from BB&T telling me my account had been locked due to too many logon attempts, and click this link to reset my password. I went to bbt.com and tried to log in. I was locked out, so it was a legitimate email. But I would never click a link in an email without at least hovering over the url. It's usually pretty easy to see if it's bogus or not.

And if someone is billing you for something you didn't sign up for, just delete the email. If it's legit, they'll contact you again. But the odds are it's just spam.
__________________
"Good judgment comes from experience. Experience comes from bad judgement." - Anonymous (not Will Rogers or Sam Clemens)
DW and I - FIREd at 50 (7/06), living off assets
harley is offline   Reply With Quote
Old 02-03-2017, 10:35 PM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Sunset's Avatar
 
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 7,143
The emails I get now that my Nigerian Prince has disappeared is notification that my parcel has shipped or they tried to deliver it but nobody answered, so click here to set up new delivery...

Of course there is no store on the email that I have ordered from in a while, so it's fake.
Sunset is offline   Reply With Quote
Old 02-04-2017, 06:34 AM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
donheff's Avatar
 
Join Date: Feb 2006
Location: Washington, DC
Posts: 9,306
First rule of phishing is: don't click on links in emails. Go to the site yourself.
__________________
Every man is, or hopes to be, an Idler. -- Samuel Johnson
donheff is offline   Reply With Quote
Old 02-04-2017, 06:59 AM   #15
Full time employment: Posting here.
folivier's Avatar
 
Join Date: Oct 2009
Posts: 726
Also when I get these I look at the email address it was sent from. That usually tells me it is a scam.
And ONLY go to the website independently NOT by clicking a link.
__________________
You do not have a soul. You are a soul. You have a body.
folivier is offline   Reply With Quote
Old 02-04-2017, 07:23 AM   #16
Thinks s/he gets paid by the post
jollystomper's Avatar
 
Join Date: Apr 2012
Posts: 1,955
I'm seeing more legitimate places not even send links in email. They will either ask you to call the number on your credit card or statement, or go to the website yourself. I find it best not to trust ANY link in emails unless my actions generated it (e.g. resetting a password that sends an email for you to confirm).
__________________
FIREd date: June 26, 2018 - wwwwwwhat a rush!
jollystomper is offline   Reply With Quote
Old 02-04-2017, 11:25 AM   #17
Moderator Emeritus
W2R's Avatar
 
Join Date: Jan 2007
Location: New Orleans
Posts: 42,088
Quote:
Originally Posted by donheff View Post
First rule of phishing is: don't click on links in emails. Go to the site yourself.
+1

I never click on links in e-mails. NEVER. And somehow, life goes on despite that.

I get e-mails all the time telling me that I have won a $50 gift card from Amazon because I am such a good customer, so just click here. Yeah right. If Amazon wants to give me $50, it would just show up on my checkout page.
W2R is online now   Reply With Quote
Old 02-04-2017, 11:36 AM   #18
Thinks s/he gets paid by the post
RobbieB's Avatar
 
Join Date: Mar 2016
Location: Central CA
Posts: 3,956
Yeah, I'm a great customer and they never gave me fifty bucks.
__________________
Retired at 59 in 2014. Should have done it sooner but I worried too much.
RobbieB is offline   Reply With Quote
Old 02-04-2017, 04:53 PM   #19
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
audreyh1's Avatar
 
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 21,977
I've gotten emails with shipping notices requiring some action for things I did not order, and urgent invoices/bills that needed to be addressed. The bills - immediate detection, the shipping notice - those take a couple of seconds to register that it is bogus.
__________________

__________________
Retired since summer 1999.
audreyh1 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
anyone use netflix streaming? frank Other topics 34 06-25-2011 08:06 AM
Netflix "Instant to your TV" MichaelB Other topics 38 08-14-2009 05:22 PM
Just Got a DVD Player and Netflix MikeD Other topics 4 03-22-2007 05:30 PM
Blockbuster vs. Netflix? Hyperborea Other topics 3 01-20-2005 11:34 AM
NetFlix JWV Other topics 12 12-01-2004 05:17 AM

» Quick Links

 
All times are GMT -6. The time now is 11:09 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.