It shouldn't be that hard to figure this out using a variety of metrics - and remember, they can be pretty cautious in their enforcement and the enforcement doesn't have to be real-time.
For example, Netflix can easily notice that a TV is connecting from AT&T Fiber with one IP and another TV is connecting from Spectrum with a different IP. Many times they're watching at the same time so it's not someone on vacation.
It's relatively easy to note mobile devices like iPhones/Android and they have device IDs. Maybe you could hook your phone up to your TV, but most people aren't going to want to do that to save $8/mo (and walk up to their phone connected to the TV to select a new show or pause it). If the phone is on a WiFi connection (rather than cellular), Netflix can easily see that it's not the same household. People aren't likely to want to pay for a cellular plan (at $25+ per month) to avoid an $8 charge from Netflix.
If you're looking to catch 99% of people and you don't need it to be real-time, this should be pretty easy. Maybe some people will set up home VPNs, but that's going to be a small number of people. Even then, Android devices will give access to WiFi SSIDs in the area and even iOS has a permission to scan for Bluetooth devices which can be used for some amount of locating.
I guess the flip side of your question would be: how would you make it seem like you were connecting from the same household? You'd probably want all devices to be connecting from the same IP address. You'd probably want all devices connecting to the same SSID - and have neighboring SSIDs be the same. You wouldn't want them to see "they're both connecting to XYZ and have the same IP address, but they're each seeing a dozen additional SSIDs and zero overlap - what are the odds of that?" You can control your own SSID, but not all your neighbors' SSIDs.
I don't think Netflix is looking for something foolproof. I'm guessing they're looking for something that will find most instances of sharing while still being cautious enough that they don't bother people who aren't sharing. Even if your IP address is dynamic or CG-NAT, it'll still be the same for all your devices at a given time. Most people have internet from a handful of companies and it isn't that hard to figure out how those ISPs are handling things and accommodate it.
In fact, Netflix doesn't really need to do this blindly. They have logs from years of our usage. They have probably already detected who is using it in multiple locations and that makes it easy to put a flag on the account for the future. This account has been used in multiple locations for the past 3 years, if something looks suspicious, throw up the validation challenge. On other accounts without such a history, they could be more cautious. Netflix probably isn't worried about one month of sharing compared to the ongoing decade-long sharing that they believe is eating into their revenue. They can bide their time.
For example, Netflix can easily notice that a TV is connecting from AT&T Fiber with one IP and another TV is connecting from Spectrum with a different IP. Many times they're watching at the same time so it's not someone on vacation.
It's relatively easy to note mobile devices like iPhones/Android and they have device IDs. Maybe you could hook your phone up to your TV, but most people aren't going to want to do that to save $8/mo (and walk up to their phone connected to the TV to select a new show or pause it). If the phone is on a WiFi connection (rather than cellular), Netflix can easily see that it's not the same household. People aren't likely to want to pay for a cellular plan (at $25+ per month) to avoid an $8 charge from Netflix.
If you're looking to catch 99% of people and you don't need it to be real-time, this should be pretty easy. Maybe some people will set up home VPNs, but that's going to be a small number of people. Even then, Android devices will give access to WiFi SSIDs in the area and even iOS has a permission to scan for Bluetooth devices which can be used for some amount of locating.
I guess the flip side of your question would be: how would you make it seem like you were connecting from the same household? You'd probably want all devices to be connecting from the same IP address. You'd probably want all devices connecting to the same SSID - and have neighboring SSIDs be the same. You wouldn't want them to see "they're both connecting to XYZ and have the same IP address, but they're each seeing a dozen additional SSIDs and zero overlap - what are the odds of that?" You can control your own SSID, but not all your neighbors' SSIDs.
I don't think Netflix is looking for something foolproof. I'm guessing they're looking for something that will find most instances of sharing while still being cautious enough that they don't bother people who aren't sharing. Even if your IP address is dynamic or CG-NAT, it'll still be the same for all your devices at a given time. Most people have internet from a handful of companies and it isn't that hard to figure out how those ISPs are handling things and accommodate it.
In fact, Netflix doesn't really need to do this blindly. They have logs from years of our usage. They have probably already detected who is using it in multiple locations and that makes it easy to put a flag on the account for the future. This account has been used in multiple locations for the past 3 years, if something looks suspicious, throw up the validation challenge. On other accounts without such a history, they could be more cautious. Netflix probably isn't worried about one month of sharing compared to the ongoing decade-long sharing that they believe is eating into their revenue. They can bide their time.