Satisnet Ltd, Basepoint Innovation Centre, 110 Butterfield Great Marlings, Luton, Bedfordshire, LU2 8DL
+44 (0) 1582 434320

Netflix Scan Emails

Netflix Scan Emails

Netflix Scan Emails

Netflix is a popular online movie streaming platform where millions of users take the benefit of this service. As we know the online scam is transforming into a complex stage where it’s hard to believe on company emails that comes in the inboxes.

While we are used to receiving scam attempts pretending to be from banks, online shops, credit card companies, and international courier services that does not mean all the other emails are safe.

Following this is an example to validate this point.

The sender address, in this case, was supportnetflix@checkinformation[.]com and the content of the email informs us that there has been a problem with our last payment. It's obvious to those of us who are not customers of Netflix this is the first red flag. The fact that the domain name checkinformation[.]com does not belong to Netflix is another big red flag. More findings indicate that this domain is available to buy.


This email asks us to fill out our payment details on a site. This should always be a red flag for any person. A security-aware company does not provide you with a clickable button to their site. They will tell you to log into their site and provide you with instructions on how to proceed. They will not provide a direct link to a page with a form to fill out asking for billing information and what not.

When you have to provide such details always look for the green padlock in the address bar of your browser.

Green padlock

Another clue is spelling errors, but again, the lack of them is not a definite green light to proceed. Scammers have learned that their efficiency goes up if they pay attention to their spelling.

Sometimes phishing websites are really slick in design that gives the first impression of its legitimate layout but hackers are leaders in the art of copying the layout and images from legitimate sites. In fact, they usually link to the actual layout and images of the website they are pretending to be.

Source - Malware Bytes Blog