Fake Netflix Renewal Email Triggers Bank Account Lockdown for Phishing Victim

By Andrew Seale | Published on 23 May 2024

In collaboration with Equifax

It started with an email from Netflix, something small and far from sinister. There was nothing suspicious about it, says Tracy T. “That’s the only way Netflix talks to you, right?”

The email address seemed legitimate, the email had all the Netflix branding in it. It told her that her latest payment for Netflix hadn’t gone through.

“I started to put in my bank account and nothing happened,” she says. “I tried again and it’s like, well, what’s going on?” She left the page, logged back into her bank account, scrolling through past payments with more scrutiny. She noticed she’d already paid Netflix. She logged onto Netflix and noticed it was working. That’s when she felt like something was up.

A few hours later she got a call from her bank. They said they’d seen some fraudulent activity on her account. “They stopped everything,” says Tracy. The bank froze all her accounts, her credit card, her debit – everything. She was told to keep the old account open and monitor it for suspicious activity but otherwise, she had to start from scratch.

“It took days trying to set up new debit and credit cards and get new forms for direct deposit and void checks and stuff for people so they could get their payments,” she says. “I felt like an idiot.”

Tracy had been phished, a common scam where fraudsters use emails, text messages, and phone calls pretending to be from a reputable source to steal personal information or install malware on victims’ computers. In Tracy’s case, she felt fortunate the fraud was flagged so quickly.

[Offer productType=”OtherProduct” api_id=”662928bbc8b1883818f83306″]

“I mean, it’s Netflix, whatever, it’s only a minimal payment,” she says. “But they could have gone in and taken everything I had… you feel violated.”

Tracy isn’t alone in her experience. According to the Canadian Anti-Fraud Centre most recent annual report, there were 10,647 reports of phishing in 2022, making it the most impactful form of fraud next to identity theft.

Tracey’s story has a very happy ending, says Vanessa Iafolla, principal at Halifax-based Anti-Fraud Intelligence Consulting, which offers financial crime consulting and support for victims and lawyers. “With Phishing, (her story) is not one you normally hear about.”

Plenty of Phish in the Sea

Iafolla says phishing can be broken into three categories: standard phishing (like what Tracy experienced); spear phishing, a more targeted form where fraudsters use detailed information to try and defraud an individual or business; and whaling, where fraudsters target a high asset individual or business.

With phishing, it’s usually akin to casting a net or trawling the ocean and seeing what you catch. “They’re operating on the, there’s a sucker born every minute principle… that’s the logic they’re following,” she says. As far as social engineering goes, phishing relies on people’s inattention or vulnerability. “It’s fishing, right? You catch what you catch,” she says. “Sometimes it’s a great catch, sometimes you come home and there’s nothing for dinner.”

Phishing often goes hand-in-hand with identity theft. Fraudsters are looking for personal information like your driver’s license number, health card, or Social Insurance Number (SIN) or financial information like your bank account details or credit card number. Sometimes, the link may seem innocuous but actually be used as a gateway to install malware that steals your information without you even realizing it.

According to the CAFC report, 2022 saw a ride in automated texts, with fraudsters waiting for a response before connecting directly with the victim.

Iafolla says seniors and vulnerable populations – specifically newcomers – are especially susceptible to phishing. “There might be like additional kinds of exploitation or knowledge asymmetry,” says Iafolla. There may be a lack of knowledge about how the immigration system works or that different types of government agencies don’t share information with each other and can’t collude to deport someone. So when a number pops up on their phone or an email shows up that purports to be from the Canada Revenue Agency or the government, it’s taken at face value.

“You wind up having people who are very intelligent and competent but for whatever reason – a lack of knowledge – (they) come into this horrible world of victimization because they know enough to know that this is serious and they have to deal with it,” says Iafolla.

[Offer productType=”OtherProduct” api_id=”662928bbc8b1883818f83306″]

A Moment of Pause

So what do you do?

Iafolla says the sophistication of these scams is always changing. Technology is making it easier to clone websites and thinning the line between what’s real and what appears to be real. It requires more scrutiny; it requires a pause.

“Take two seconds and ask yourself why am I receiving this? Like, did you really order something from Amazon? If not, don’t touch it,” she says. And if you did order something, don’t click the link. “Because you ordered it, you have independent access… go into your account and see what’s going on.”

Take a moment and verify, she says. “Even if it takes five minutes, you will save yourself a whole bunch of time and money.”

Secondly, scrutinize the way you’re being informed. Is it generic? Do they use your full name or seem to have the sort of information about you they should have or are they being vague?

“Don’t be taken in by things like suspicious activity or problems with your account like ‘we need to confirm your identity,’ ” says Iafolla. “If you really have had suspicious activity on your bank, you can call your bank – you’d need to call your bank anyway to verify something.”

And finally, remember it’s not personal, even if it feels deeply personal. “You could have been anyone else in the mind of a scammer… it has nothing to do with you, however deeply personal it is.”

This is the second installment in the ‘Scamland Canada’ series, brought to you by Equifax. Through firsthand accounts, it aims to shed light on the cunning tactics of fraudsters, while offering strategies to help readers protect themselves against fraud and identity theft. One of those strategies is to subscribe to Equifax Complete™ Premier, a premium credit monitoring service that allows Canadians to receive alerts directly from Equifax, to monitor their Equifax score daily, and to benefit from the help of an Equifax ID Restoration Specialist in the event that they fall victim to identity theft.

Andrew Seale has spent nearly a decade and a half as a journalist and storyteller committing thoughts and ideas to print. After graduating from journalism school, Andrew took a post at a mining journal as an editor, a front-row seat to the commodity super-cycle and the global financial collapse. After a few years in the industry, he shifted to freelance, accidentally falling into business writing and covering entrepreneurs in Toronto as the city's startup scene was supernova-ing. He's penned stories for The Globe and Mail, Profit Magazine, The Toronto Star, enRoute Magazine, Yahoo Canada, and Vancouver Sun among others.