Don’t click on “must validate account” email scams!

This fake message from “Netflix” almost got me, and as you know I’m quite skeptical about these things. Unlike most scams, it’s neatly formatted and well-written. And because my family has a Netflix account, it didn’t seem completely unreasonable.

What gave it away? First, vendors don’t sent out emails demanding to “validate” information or your account will be closed or suspended. They simply don’t.

Second, looking at the email’s invisible details gave away the scam:

• The “from” address (not shown above in the graphic capture of the message body) was from “email hidden; JavaScript is required.” Such a message wouldn’t come from the email.com domain, it would come from netflix.com.
• Hovering my mouse over the “Click here to validate your account” link shows that it goes to http://ssl-billingeu.com/. What the heck is that? It’s surely not Netflix!

When you get emails that seem plausible, hover your mouse over the links, and see where they go. Don’t click. If the link destinations smell wrong, the message is a scam. Plain and simple. Don’t respond, don’t click on anything in such messages; simply delete them.