Netflix, Bingle and AGL Energy Email Scams
Email scams to look out for
This week scammers are impersonating Bingle, Netflix and AGL Energy. Scammers commonly impersonate reputable and large brands, such as the above, as they have a large customer base.
Are you using itro Mail Scan?
- Yes – emails with the potential to harm your business are blocked from reaching your inboxes
- No – these emails can slip through the cracks and a staff member could click the malicious link. Malicious emails can compromise your entire network
1. Bingle – Car Insurance Scam
The well-designed yet straightforward email claims to have received your insurance application but with mistakes in it, promoting the receiver to click the link and correct it.
Source: MailGuard 2017
Tips for spotting this as a phishing scam email
- Incorrect domain name, legitimate emails from Bingle have the domain @bingle.com.au
- Non-personalization or inaccurate details – email reads ‘Dear owner of the car’
- Misleading hyperlinks. Before clicking any links, hover over it and check the domain it is linking you to and if they look suspicious do not click them and instead refer to the companies website
2. Netflix – Another Phishing Scam
Once again, Scammers are impersonating Netflix in another phishing scam. Cybercriminals commonly target brands with large customer bases. So, these scammers are aware if they send a large email out, it is likely many of the recipients have a subscription to Netflix.
Below is the email:
Source: MailGuard 2017
If the recipient clicks any links they are taken to a page to update their credit or debit card details:
Source: MailGuard 2017
The phishing page is acting as a legitimate Netflix portal for customers to update their payment details. Unfortunately, if someone updates their details on an illegitimate page, such as the above, their details are in the hands of cybercriminals.
Tips for spotting this as a phishing scam email
In addition to the tips mentioned earlier
- Check the URL of the website, exit out of anything that looks suspicious
3. AGL Energy – Fake Disconnection Notice
itro MailScan, powered by MailGuard, is intercepting and blocking the below email from reaching users inboxes. If a user clicks a link, they are directed to a JavaScript file containing spyware, ransomware, or viruses.
The sender’s email address looks legitimate. However it is a bogus domain registered in China 2 days ago.
Source: MailGuard 2017
Tips on how to spot an email as illegitimate:
- Non-personalisation or incorrect personal details
- Suspicious or hidden email address, therefore, always check domain addresses because Netflix will only ever send an email from a domain of @Netflix.com
- Misleading hyperlinks. Before clicking any links, hover over it and check the domain it is linking you to and if they look suspicious do not click them and instead refer to the companies website