Disney+ Cyberattack Scams on the Rise, Streaming Subscribers Beware

in Disney

The Disney+ logo with a sad sitting Mickey Mouse

Credit: Disney

Malevolent cyber-scammers are increasingly targeting Disney+ subscribers and imitating the streaming service with frightening precision, which is bad news for a company already struggling to keep loyal customers.

Walt Disney Castle logo with Mickey Mouse looking aghast
Credit: Disney/Inside the Magic

In the last several decades, cyberattacks on consumers have become a common source of irritation and financial distress around the world. Online security companies around the world struggle to keep up with new advances in scams like phishing email (attempting to maliciously obtain private information by pretending to be a legitimate organization), ransomware (using malware to lock a computer until a ransom is paid to have it released), and domain name system spoofing (pretending to be a trusted site in order to receive sensitive data like passwords and user names).

In 2022 alone, the FBI reports that American consumers lost over $10 billion to internet scams, with phishing attempts being by far the most prevalent (per ABC). Cyberattacks are currently at a five-year high, with hundreds of thousands of people being fooled by a phishing scam by threat actors.

Mickey Mouse welcoming you to an AI world of circuitry
Credit: Disney/Canva

Related: Disney+ Liquidating Assets, Platform Sends Out Warning

Disney+ and its subscribers are now under attack by these kinds of cyberattack scams, with customers of the streaming platform receiving disturbingly sophisticated attempts to get them to make fraudulent payments.

San Francisco-based email security platform Abnormal Security reports that an unknown threat actor attempting cyberattack scams against Disney+ has targeted numerous people across 22 organizations in a multi-stage attempt to get subscribers to think they are paying a charge to the Walt Disney Company service.

Firstly, individuals received what appeared to be auto-generated emails from a Disney account, informing them that there was an immediately pending charge for subscribers. As is common with many scams of this kind, the cyberattack involved creating a sense of urgency in the targeted individuals by telling them the charge would go through that day if they took no action and to contact a provided, fake customer support team in order to not lose money.

Unusually, each email contained a personalized attachment with the name of the targetted person, including falsified information like an invoice number and a total charge of $49.99. Although Disney+ has raised its subscription price several times in the last year (much to the displeasure of its customers), even the Disney+ premium with no ads tier only costs $13.99.

The cyberattack scam PDF also contains a phone number for a “customer support service,” which will lead an uncautious Disney+ subscriber to be directed to either provide financial information (like bank account or credit card numbers) or to download malware that can further compromise their computer.

Shocked Mickey Mouse with AI symbol
Credit: Inside the Magic

Related: Disney+ Canceled? Massive Boycott Trends After Elon Musk Calls Out Company

Although cyberattack phishing is regrettably common, this attempt to scam Disney+ users is surprisingly sophisticated and more difficult for subscribers to detect. For one thing, the text of the emails (and PDF) is free of the typical misspellings and broken grammar that often indicate scams, and the sender email of tv-disney@mail.tv-disney[.]com closely mirrors that of the real Disney+, rather than a generic, free email service.

The cyberattacks also do not include embedded malware or malicious links, meaning that they can bypass security measures intended to filter out this kind of scam. Instead, the people behind these scams are using the logo and brand imagery of Disney+ in order to build familiarity and trust in potential victims.

Disney+ has already been dealing with the loss of millions of customers and continued unprofitability while trying to remain competitive with Netflix, Max, and Amazon Prime Video. Discovering its subscribers are being specifically targeted by sophisticated scams is probably the last thing it needs right now.

For more information on preventing cyberattacks and phishing fraud, please visit FBI tips and warnings and be cautious with your personal information.

in Disney

Comments Off on Disney+ Cyberattack Scams on the Rise, Streaming Subscribers Beware