Someone else may be secretly watching your Netflix.

According to a recent Symantec Internet Security Threat Report Australian Netflix account logins are being stolen and sold to others across the globe at a fraction of the usual monthly subscription cost. These “leechers” login undetected and enojoy the TV shows and movies you pay for without raising suspicion.

Symantec discovered active Australian Netflix accounts being advertised on black market websites. Account holders’ usernames and passwords are on-sold to piggybackers for as little as $A2 a month. These stolen, cut-price logins are openly advertised as illegal. What makes the scam so unique is that the Netflix owner of the account has no idea it’s happening. They are not locked out of their account. No passwords change.

Netflix Black Market Ad

An online advertisement for stolen Netflix passwords found by Symantec.

Roy Morgan research suggests 2.728m Australians joined Netflix by the end of 2015. Interestingly, the “scammers” behind the stolen accounts even go as far as telling their customers ‘no changing of passwords’ – because it’ll alert the real account owner that something isn’t right.

If you’re a Netflix user you can find out who is using your account on its website. First, check your watching history. If you see suspicious activity, Netflix recommends you sign out all devices and reset password.