Scam Alert: Fake Netflix Emails Are Now Bypassing Spam Filters
Spam filters do a lot of quiet work in the background. Most of the junk never reaches you. So when something dodgy lands in your actual inbox, looking the part, it carries a bit more weight. That's exactly what the scammers behind the latest Netflix email are counting on.
Three new scams have been doing the rounds this week. One has found a way past the spam filters. The other two lean on names people trust: the financial regulator and one of the biggest banks in the country. Here's what each one looks like and what to do.
1. The fake "Netflix payment failed" email
This one is nasty because of how it gets to you. Normally a phishing email like this would be binned by your spam filter before you ever saw it. Not this batch. The scammers attach a hidden file stuffed with random gibberish text, and that junk confuses the filter into deciding the email looks legitimate. So it lands in your actual inbox alongside the real post.
The email uses your real email address (scraped from an old data breach), Netflix's actual logo and colours, and tells you your payment has failed or your account is on hold. Click the button and you hit a fake Netflix login that grabs your password, then a fake payment page that grabs your card details. The whole thing is multi-step and polished enough to fool people who know to be careful.
Which? flagged this on 10 June. Netflix never emails you a link to fix a payment. If there's a genuine problem with your account, open the app or type netflix.com in yourself. Don't use anything in the email.
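For anyone triaging a mailbox export, the two tells described above (a Netflix display name on a sender domain that isn't netflix.com, and an attached file of gibberish text) can be checked mechanically. This is an added example, not something from the original alert or from Netflix; the sample message, the function names and the thresholds are all assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

BRAND, BRAND_DOMAIN = "netflix", "netflix.com"  # domain named in the article
# Constructed sample: brand display name, off-brand domain, gibberish attachment.
SAMPLE = '''From: "Netflix Billing" <billing@account-update.example>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Your payment has failed. Update your details to keep watching.
--b1
Content-Type: text/plain
Content-Disposition: attachment; filename="notes.txt"

xkqzv brtplm qwrtzx zzkvj hjklm mnbvcx pqrst wxzkj
vbnmk lkjhg fdspq trwqz cxzvb nmklp
--b1--
'''

def gibberish_ratio(text):
    """Share of 4+ letter tokens that do not look like words (rough heuristic)."""
    tokens = re.findall(r"[a-z]{4,}", text.lower())
    if len(tokens) < 10:  # too little text to judge
        return 0.0
    def odd(tok):  # very few vowels, or a run of five or more consonants
        vowels = sum(c in "aeiouy" for c in tok)
        return vowels / len(tok) < 0.2 or bool(re.search(r"[^aeiouy]{5,}", tok))
    return sum(odd(t) for t in tokens) / len(tokens)

def triage(raw):
    """Return the reasons a raw message deserves a second look."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    on_brand = domain == BRAND_DOMAIN or domain.endswith("." + BRAND_DOMAIN)
    reasons = []
    if BRAND in display.lower() and not on_brand:
        reasons.append(f"display name claims {BRAND}, sender domain is {domain}")
    for part in msg.walk():
        if (part.get_content_maintype() == "text"
                and part.get_content_disposition() == "attachment"):
            text = part.get_payload(decode=True).decode("utf-8", "replace")
            ratio = gibberish_ratio(text)
            if ratio > 0.6:
                reasons.append(f"{part.get_filename()} is {ratio:.0%} non-word text")
    return reasons
print(triage(SAMPLE))
```

An empty list only means neither heuristic fired; it is not a verdict that the message is genuine.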
2. The fake FCA "data breach" text
A text arrives claiming to be from the Financial Conduct Authority, the body that regulates UK banks. It says your personal details were caught up in a fraud report and gives you a number to ring.
Call it and they start gently: your name, which bank you're with, your current balance. Some people are then handed a 5-digit reference code to quote when a "manager" calls back. A while later the same gang rings again, this time pretending to be your bank, and they quote that code back at you. Sounds official. It isn't.
The FCA does not text the public about data breaches. It will never ring you asking for your balance or account details. If you get one of these, forward it to 7726 and delete it. This has been flagged by the Report Fraud Alert service.
3. The fake NatWest "biometric login" email
This email claims to be from NatWest and says the FCA is about to make fingerprint or face login mandatory, so you need to click a link and set it up now. It's a lie. The FCA does require banks to use Strong Customer Authentication, but biometric checks have never been made compulsory.
The whole thing is built on a rule that sounds plausible enough that people don't question it. The link goes to a fake NatWest page designed to harvest your banking login. Your bank will never force a security change through a link in an email.
If it's already happened
These are designed to catch sensible people on a busy day. If you've clicked, entered details, or rung one of these numbers, move quickly:
- Ring your bank straight away using the number on the back of your card. Tell them exactly what you gave away.
- Change the password for any account you entered details into, and anything else using the same password. Email account first — that's the one attackers use to reset everything else.
- Turn on two-factor authentication wherever the option exists, so a stolen password alone isn't enough to get in.
- If you let anyone remote onto your PC, disconnect it from the internet and get it checked before logging into anything else. Remote access tools like AnyDesk leave the door open.
- Watch your statements for the next few weeks.
How to report it
- Suspicious emails → forward to report@phishing.gov.uk
- Suspicious texts → forward free to 7726 (spells SPAM on the keypad)
- Scam website → report at ncsc.gov.uk
- Money lost or fraud in progress → Report Fraud on 0300 123 2040
Reporting really does matter, even when it feels like shouting into a void. Every forwarded email and text feeds into the systems that get these sites taken down faster and warn other people before they get caught.
If a scammer has had access to your machine, or you've installed something you shouldn't have, get it looked at before you log into anything sensitive. I offer virus removal and security checks in St Helens — worth doing for peace of mind if you're not sure what they got to.
Mark has been fixing computers since the late '90s and went self-employed in 2008. Based in St Helens since 2013, he works evenings and weekends from his home in Laffak — friendly, affordable repairs for PCs, laptops, and Macs.