germgod ruaidhri derrin

0 views
Skip to first unread message

Marie Ota

unread,
Aug 2, 2024, 12:33:40 AM8/2/24
to gentdowspronas

I don't have a Netflix account and never have done. I have a Gmail address which I have never used for public communication. Suddenly I started getting email to this Gmail address from Netflix - not a "Welcome to Netflix" email or one requesting address verification, but what looked like a monthly promo for an existing account. This was addressed to someone with a different real name, with that name not similar in any way to the Gmail name.

After a few of these messages I decided to investigate by going to Netflix and trying to log in with that email address. Using the "forgotten password" option I was able to get a password reset email, change the password and log in. The account appeared to be from Brazil, with some watch history but no other personal details stored and no payment information.

Soon the emails from Netflix started to ask me to update payment information. I didn't, of course, and then they changed to "your account will be suspended" and then "your account has been suspended". The "come back to Netflix" emails are still coming in occasionally.

I don't see how this could possibly be a phishing attempt - I carefully checked that I was on the real Netflix site, used a throwaway password not used on any other sites, and did not enter any of my personal information. I also checked the headers of the emails carefully and they were sent by Netflix. So is this just a mistake on somebody's part, mistyping an email address (although it's surprising that Netflix accepted it with no verification), or something more sinister?

(Note that the above steps don't include any "password reset" step for Jim to access the account; that's because the email from Netflix includes authenticated links that won't ask for it. The attacker wants the victim to click on the email links instead of visiting Netflix manually, this is what enables "Eve" to log back in to the account in step 7. Or, since Netflix emails authenticated links, possibly "Eve" already has one.)

The above situation is partially caused by Netflix (understandably) not recognizing Gmail's "dots don't matter" feature where email sent to [email protected] and to [email protected] end up in the same account. That doesn't really matter in your case (given that if this is how you're trying to be scammed, step 1 was skipped entirely), however.

The most probable situation is that someone used an arbitrary Gmail address (yours) in order to sign up for a free trial, or mistakenly tried to change their email to the wrong address (maybe to have a friend/family also get emails).

This would not be a "hack" or even a phishing attempt, just using any available address. This does mean that your Gmail address could not be used for a free trial at Netflix, so there is that negative impact to you.

As a side note, by logging into someone else's account, you have violated many country's "unauthorised access" laws. I would not make a habit of doing this (or telling others on public sites that you have".

I get dozens to hundreds of e-mails from legitimate companies (car dealers, LA dept of water and power, Macys.com, cell phone activation notes, the payroll company ADP, and Nationwide insurance) from people with my first name and an initial matching my last name.

The worst was in early 2019, when I received medical records (Lab results in a .PDF file) - a clear HIPAA violation, since e-mail isn't an authenticated or encrypted communications channel. The "medical records" person, who should know the law, was the sender of the e-mail.

In my case, none of them are nefarious, but represent clueless users or even worse, clueless sales clerks (such as Lenscrafters in Maryland), the Apple store in Manhattan, and others too numerous to mention.

I got emails from Netflix too saying that my account was cancelled and that there was a sign in attempt somewhere from the US... except that I live in Canada, and have never made a Netflix account in the first place. I went directly to the Netflix website and was able to speak to a representative, and they deleted the account. There was no payment information either. I don't understand why this happened, either someone has a similar email address yet without the dots, or perhaps there is some sinister reason, but I wouldn't know. I've wondered if someone might do this hoping that the other person would fill in their payment information, thus enabling the account.

If you have a Gmail account, you can simply input certain characters and symbols, like a plus sign or a period, into your email address. This throws off third-parties by thinking it's a completely new email address, while Gmail treats it no different than your original email address (they ignore periods and some special characters).

This way you still receive all of the emails that you regularly would under you regular account (exa...@gmail.com), but the services that you sign up for treat it like a new email address and user (exam...@gmail.com).

I am a huge fan of Spotify, but really don't want to spend 10 bucks a month for premium membership. Thankfully, Spotify offers a 30-day free trial of the premium account. But I already used my email address for the trial a few months ago, so when I tried to sign up again they hit me with this:

This is a great way to save money in a time where money is tight for everyone one. You will still need to input your credit card information and whatnot, so be to sure to cancel your subscriptions before the trials end.

Just updated your iPhone? You'll find new features for Podcasts, News, Books, and TV, as well as important security improvements and fresh wallpapers. Find out what's new and changed on your iPhone with the iOS 17.5 update.

This is not true. That would mean that Spotify is blocking one person to pay for multiple accounts. So a dad couldn't pay for the whole family? I don't think Spotify cares as long as they get their money.

Netflix knows if the credit card has been on another account. I use to do this with prepaid Visa cards. I have about 20 email addresses from it. But I'd just buy a 25 dollar Visa card every month and use it to get a new account and then spend the card on normal stuff like snacks and cigs.

my email is chris.god...@gmail.com. i am a hacker and a pirate. i search for leads to software vulnerabilities and i exploit them and hack. this method you used does not work, is incorrect, and considering how serious you come off, is a downright lie. if you send an e-mail to me, but leave out the periods, i will not receive the email, it will go to the email address you typed. gmail, like all other emails, allow you to use periods and such, but every last one counts as a character. first of all, gmail counts the number of characters, then the arrangement. the reason i know their security filter procedure is because i used to work for google in lenore nc. you sir, are incorrect. however, there are ways to sign up once and get a free account. unlike your untested theory that sounds good, this actually works and i will explain how. in order to do this you will need a wii, playstation or xbox 360. on a computer, sign up for a 30 day trial for netflix or whatever. then install it on your game console. immediately block disk updates (you may have to install soft mod files to use this option) and install netflix on your console. now, stream a film or show and when it loads, pull the power plug. this is an important step as your game console will immediately save the cookies, but will not delete the temp because you powered off, circumventing the logout sequence. now get on a pc and discontinue your free trial. now, plug your console back in. presto, still have the cookies to access the membership, but netflix canceled it meaning you never have to pay. if you need further instructions, email me and i will show you exactly how to do it.

You idiot. Try e-mailing yourself at chrisgod...@gmail.com without the periods and see what happens. That's right, halfwit--it goes through to chris.god...@gmail.com--contrary to your incredibly underinformed tirade.

to be clear, this poster's technique does not work, never did work, and never will. just someone bored and lonely wanting to impress people or stumbled upon a cookies method of account hacking by accident and tried to post his steps here hoping to recreate it. good luck all

Wait, so my original spotify account with the original email with no period in it will benefit from another free trial, or only the new account with the period email will get the free trial? Because that means I'll still have to switch between accounts every month

My English is not very well, but if I read this correctly, you make an account on Gmail, after one month, you change your name, and you take a new trial and it's done? Now I have one more question : if you change your email adress, do you sill have (for example) your saved playlists on Spotify or your saved favorites on Netflix?

I am new to multiple Rokus. We are moving into new house and I have purchased Rokus for each room. When setting them up I understand that I can have them all connect to a single account or I can create individual accounts for each?

Even your Roku devices are connected to a single account, you can still view or watch different channels/contents at the same time. The purpose of linking them to just one account is to make sure that you won't be double-billed for any subscription that you will sign up for.

@iwasbutter1st, in addition to what @Strega said, if your subscriptions to the various streaming providers are directly with the provider and not through Roku then it doesn't matter what Roku account your devices are linked to.

If you've already set up the devices then you can verify the Roku account on each one by going to Settings->System->About and viewing the email address. You can also see what devices are linked to a Roku account by going to and scrolling down to "My linked devices". There is no way to change the Roku account on a device other than factory resetting the device.

90f70e40cf
Reply all
Reply to author
Forward
0 new messages