Hackers Impersonating Disney+ Employees in Email Phishing Attacks

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Be cautious of a new email scam that sees hackers impersonate employees with Disney+. The scam is so effective because of the extensive level of detail and personability of the multi-stage scheme, says Abnormal Security, a San Francisco-based email security platform.

The scam starts like most modern scams do, via phishing email. The scammers begin by sending an email that looks like an automatic subscription renewal message. They tell the victim that their subscription will renew on that day and that if they have any issues, they can simply call customer support.

A personalized PDF file that contains the use is provided which shows the fake auto-renewal information. Unlike the standard Disney + subscription, which costs up to $13.99 based on your plan, the scam informs its victims that the renewal price is set to $49.

Finally, they attach a phone number for their “customer support” team, who will then collect the victim’s data while pretending to work with Disney+.

“The emails are free of misspellings and have only a small number of minor grammatical errors. There are no phishing links, and the PDF contains no extra code or malware, so it can be safely downloaded without issue,” explains Abnormal Security.

These attacks see a lot of success due to their deceptive natures. Normal online security methods often fail to capture sophisticated social engineering attacks that rely on personalized phishing scams.

“SEGs only flag messages with obviously malicious indicators of compromise (IOCs) and lack the functionality to detect the use of social engineering.”

In addition, legacy security systems often flag malicious activity based on past reports, meaning new activity can go unseen for a while. Without the integration of artificial intelligence, security systems are simply unfit to keep up with modern threats.

Be sure to double-check the authenticity of all emails you receive and remember to keep an eye out for suspicious activity.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."