Don't rely on companies (especially those that require payment details) to have bullet proof security at their end.
With the current COVID-19 pandemic, it is probably safe to assume that the subscriptions for streaming platforms such as Netflix have risen, and for those already subscribed, are probably using them more than they did previously. Attackers are certainly aware of this and will use both old and new techniques to try and steal your data.
It is up to you to be vigilant. Look for signs of impersonation and pay close attention to emails purporting to be a service provider. Same applies to calls and text messages.
Look for signs such as:
- You have a limited time to respond or your account will be blocked.
- Your payment details are incorrect and you need to re-enter/verify them.
Some of these fake entry forms can be quite convincing but always navigate to the website via a known reliable source such as your bookmarked link. Always treat emails requesting information or asking you to click on a link as suspicious. If in the end they are legitimate then great, but if you have already responded and think you may have given your details away to a suspected fraudster, contact the card issuer immediately who will advise you accordingly, and change your account passwords.
A recent wave of phishing attacks aiming to steal payment card info and credentials for Netflix streaming service starts with redirecting to a functioning CAPTCHA page to bypass email security controls.