The PayPal Netflix Premium Subscription Invoice Email Scam Explained

Have you received an email that appears to come from Netflix, thanking you for an order and telling you that you’ve been charged for a premium subscription? These phishing emails are designed to trick unsuspecting users into providing sensitive information or payment to scammers posing as Netflix or PayPal.

Overview of the Scam

The PayPal Netflix premium subscription invoice email scam is a common phishing attack targeting Netflix users. Scammers send fake emails pretending to come from Netflix or PayPal, alerting recipients that their account has been charged for a premium Netflix subscription upgrade.

The emails include official-looking invoices with the PayPal logo, aiming to trick users into thinking the messages are legitimate. However, they are simply a fraudulent attempt to steal personal information and money.

This scam starts when Netflix subscribers receive an unsolicited email regarding an unauthorized Netflix subscription tied to the recipient’s PayPal account.

The sender address is spoofed to appear as an official Netflix or PayPal email address. Subject lines often state “Thanks for Your Order” or “Your Netflix E-bill.”

The body of the email typically says something like “Your Netflix premium subscription has been activated and charged to your PayPal account as attached in this invoice.”

Attached to the email is a fake PDF receipt made to look exactly like an official PayPal invoice. It has the recipient’s name, a 13-digit “transaction number,” today’s date, and an amount ranging from $100 to $500 for the alleged upgraded Netflix subscription.

Other examples of false claims in the Netflix PayPal invoice emails include:

  • Your Netflix membership has been automatically renewed for the next year
  • Payment of $281.09 for your Netflix premium subscription has been processed
  • Click here to update your Netflix billing information
  • You must call immediately regarding unauthorized charges

These emails instill fear and urgency in recipients, pressuring them to act quickly. The message and realistic-looking invoice aim to convince users the renewal and charges are valid.

The emails then provide a customer support phone number, urging the recipient to call regarding any questions or to cancel the unauthorized transaction and get a refund.

However, the phone numbers in scam emails are not real Netflix or PayPal contacts. They connect directly with scammers posing as customer support.

When worried recipients call thinking they will resolve the unauthorized billing issue, the scammers pretend to be Netflix or PayPal support agents. They confirm on the call that the premium charge is valid and offer to cancel the transaction and refund the money. This makes victims believe the situation will get resolved, luring them into the trap.

From there, the fake support agents start asking for sensitive personal information, claiming they need it to process the refund. But in reality, this allows them to steal identities, compromise accounts, and commit payment fraud using the victim’s information.

This Netflix PayPal invoice phishing scam is painstakingly designed to look authentic and use trusted brands to extract personal data and money from victims. Caution should be taken if similar unsolicited emails are received about questionable subscription charges.

This scam has also been investigated by Jordan Liles on his YouTube channel, where he offers a detailed video on the subject. We recommend watching his content for a comprehensive understanding of the scam.

Next, let’s break down exactly how scammers carry out this scam from start to finish.

How the Netflix PayPal Invoice Scam Works

Here is a step-by-step overview of how the Netflix PayPal invoice email scam operates:

1. Recipients Get a Fake Invoice

The scam starts with an email sent to Netflix subscribers. The sender address is spoofed to appear as a legitimate Netflix email, even though the message actually originates from scammer accounts.

The subject line says something like “Thanks for Your Order” or “Your Netflix E-Bill.” The body of the email claims that the user’s Netflix subscription has been renewed and charged to their PayPal account.

Attached is a fake PDF invoice printed with the PayPal logo. It has the recipient’s name, a transaction number, date, and an amount around $100-$500 for the alleged Netflix premium subscription.

2. Email Directs Victims to Call Fake Support

The email urges recipients to call a phone number provided to cancel the transaction or address any issues. Some variants explicitly tell users to call PayPal customer support.

However, the phone numbers in the emails are not legitimate PayPal or Netflix contacts. Instead, they connect directly to the scammers.

3. Scammers Pose as Support Agents

When victims call the number, scammers answer the phone posing as PayPal or Netflix customer support agents. They have scripts to make the interaction seem as credible as possible.

The fake agents confirm that the charge and subscription renewal are valid. Then they offer to cancel the transaction and issue a refund, further gaining the trust of victims.

4. Scammers Request Personal Information

After leading victims to believe the situation will be resolved, the scammers start eliciting sensitive personal and financial information. This includes:

  • PayPal account email and password
  • Bank account and routing numbers
  • Credit card numbers and CVV codes
  • Government ID images
  • Driver’s license details
  • Social Security Number

They claim this info is needed to process the refund. However, it allows them to steal identities, drain bank accounts, and commit payment fraud.

5. Fake Refunds Issued

To further the ruse, scammers will even initiate fake refunds and confirmation emails making it appear that the money has been returned to victims. But in reality, they pocket all funds sent to them.

6. Accounts Compromised and Identities Stolen

With all the personal data obtained, scammers can now easily access and drain the victim’s financial accounts. They use stolen IDs to open fraudulent accounts, take out loans, and commit other identity theft.

The scam victims suffer financial loss, account compromise, and serious identity theft headaches that can take months to fix.

What to Do If You Get This Scam Email

If you receive an email about an unauthorized Netflix subscription tied to your PayPal account, here are the steps to take:

  • Do not call any phone numbers in the email. They will connect you to scammers, not real support.
  • Do not click any links in the email. They can download malware to compromise your device.
  • Check your accounts by logging directly into your Netflix and PayPal accounts. Look for any unauthorized charges.
  • Report the email as phishing to your email provider. You can also forward it to the FTC at spam@uce.gov.
  • Contact PayPal support through their official website at paypal.com if you see any suspicious activity.
  • Monitor your accounts for fraudulent charges and identity theft. Place fraud alerts and get credit reports if needed.
  • Change passwords for any accounts associated with information given to scammers. Enable two-factor authentication where possible.
  • Beware of recovery scams where new scammers contact you posing as investigators to help get your money back. They are after even more sensitive data.

Frequently Asked Questions About the PayPal Netflix Invoice Email Scam

1. What is the PayPal Netflix invoice email scam?

The PayPal Netflix invoice email scam is a phishing scam where scammers send fake emails pretending to be from Netflix or PayPal. The emails claim the recipient’s Netflix subscription has been renewed and charged through PayPal, attaching a fake invoice demanding payment. This is done to trick recipients into calling fake customer support numbers controlled by scammers in order to steal personal and financial information.

2. How do the scam emails work?

The phishing emails are made to look like official Netflix or PayPal communications regarding an unauthorized Netflix subscription renewal tied to your PayPal account. The sender email addresses are spoofed and the emails have subject lines like “Thanks for Your Order” or “Your Netflix E-Bill.”

The scam emails claim your Netflix subscription has been renewed and charged to your PayPal account, attaching a realistic looking but fake PayPal invoice as proof. The invoices list your name, fraudulent transaction numbers, dates, and renewal amounts from $100-$500.

3. What happens if you call the number in the emails?

The scam emails provide customer support numbers and urge you to call regarding any issues with the charges or to cancel the transaction for a refund. However, the phone numbers connect you directly with scammers posing as Netflix or PayPal support agents.

When you call, the scammers confirm the charges are valid and offer to cancel and refund the unauthorized transaction, tricking you into thinking the issue will get resolved. But then they ask for personal info like account credentials and banking details, claiming it’s needed to process refunds when in reality they steal your information.

4. What are the red flags of the scam emails?

There are several indicators that identify the PayPal Netflix emails as fake phishing scams:

  • The sender email address is suspicious, often containing the company’s name but ending in @gmail, @yahoo, etc. Real emails would be from an official domain like @paypal.com or @netflix.com.
  • You did not initiate any subscription upgrade. Legitimate charges come after explicit sign-ups and consent.
  • You are asked to call a provided number regarding any issues with the charge. Official companies provide numbers on their websites or account statements.
  • There are spelling and grammatical errors throughout the email and invoice. Official emails and receipts would not contain such mistakes.
  • The PDF invoice attachment does not have an official document number. It’s just random digits made to look real.
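
As an added illustration that is not part of the original article, this Python function checks a raw message for several of the red flags above: a brand name in a sender address outside the official domain, the subject lines quoted earlier, a call-this-number prompt, and a PDF attachment. The sample message, the `freemail.example` domain, the phone number, the phone pattern and the flag names are all constructed for the example.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Brands impersonated in this scam and the official domains the article names.
OFFICIAL = {"netflix": "netflix.com", "paypal": "paypal.com"}
# Subject lines quoted in the article.
SUBJECTS = ("thanks for your order", "your netflix e-bill")
# Loose North American phone pattern (an assumption made for this example).
PHONE = re.compile(r"\b\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}\b")

# Constructed sample message; the address, number and attachment are made up.
SAMPLE = """\
From: Netflix Billing <netflix-billing@freemail.example>
Subject: Thanks for Your Order
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Your Netflix premium subscription was charged. To cancel, call 800-555-0100.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

def red_flags(raw):
    """Return the article's red flags that a raw RFC 5322 message shows."""
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    for brand, official in OFFICIAL.items():
        ok = domain == official or domain.endswith("." + official)
        if brand in (name + addr).lower() and not ok:
            flags.append(f"sender-claims-{brand}-from-{domain}")
    if any(s in str(msg.get("Subject", "")).lower() for s in SUBJECTS):
        flags.append("known-scam-subject")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    if PHONE.search(text) and re.search(r"\bcall\b", text, re.I):
        flags.append("call-this-number")
    if any(p.get_content_type() == "application/pdf" for p in msg.iter_attachments()):
        flags.append("pdf-invoice-attached")
    return flags
```

A visible From address can itself be forged, so a message that passes the sender check is not thereby legitimate; the flags only indicate that a message matches the pattern described here.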

5. What should you do if you receive the scam email?

If you get a suspicious email about a Netflix subscription tied to your PayPal account:

  • Do not call any numbers in the email, as they will connect you with scammers impersonating support.
  • Do not click on any links in the email, which may contain malware.
  • Log in directly to your official Netflix and PayPal accounts to check transaction histories for any unauthorized charges.
  • Report the phishing email to your email provider and forward it to the FTC at spam@uce.gov.
  • Contact official PayPal customer support if you see any unusual activity in your account.
  • Monitor your accounts and credit reports closely for signs of identity theft.
  • Never provide personal information over the phone to unsolicited callers.

6. How can you protect yourself from the scam?

You can avoid falling victim to the PayPal Netflix invoice phishing scam by:

  • Enabling two-factor authentication on your financial accounts for extra security.
  • Checking sender addresses carefully before opening emails.
  • Never calling phone numbers or clicking links provided in suspicious emails.
  • Monitoring your accounts frequently for unauthorized activity.
  • Being cautious of anyone demanding immediate payment or personal information.
  • Ensuring all devices have updated malware/antivirus software installed.
  • Reporting any phishing attempts, even if not fooled yourself.

7. What should you do if you already provided your information to scammers?

If you already called the scammers and shared any personal or financial details, take these steps immediately:

  • Contact your bank and all credit card companies to alert them your accounts may be compromised. Request that they flag your accounts and monitor for fraud.
  • Place a 90-day fraud alert on your credit reports and review the reports to identify any suspicious activity.
  • Change the passwords and enable increased security options like multifactor authentication on any of your online accounts that may be affected.
  • File an identity theft report with the FTC at IdentityTheft.gov and get an IRS IP PIN if tax fraud is suspected.
  • Contact your local authorities to file a police report regarding the fraud. This creates a paper trail and can help recover lost money.
  • Check your health insurance accounts as well, as stolen information could allow scammers to obtain medical services in your name.

Acting quickly can help limit the damage from any personal information compromised by scammers. But be vigilant, as more fraudulent activity may pop up over time.

The Bottom Line

The PayPal Netflix subscription invoice phishing scam can be convincing with its official branding and urgent payment demands. But remember – legitimate companies will not ask for personal or payment information via unsolicited emails.

Always verify any payment notifications directly through official account channels. Look out for telltale signs of phishing like spoofed sender addresses. And never call phone numbers or click links in suspicious emails. With caution, you can avoid falling victim to these malicious scams.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.