Tyler Cross
Published on: December 6, 2023

Be cautious of a new email scam that sees hackers impersonate employees with Disney+. The scam is so effective because of the extensive level of detail and personability of the multi-stage scheme, says Abnormal Security, a San Francisco-based email security platform.

The scam starts like most modern scams do, via phishing email. The scammers begin by sending an email that looks like an automatic subscription renewal message. They tell the victim that their subscription will renew on that day and that if they have any issues, they can simply call customer support.

A personalized PDF file that contains the use is provided which shows the fake auto-renewal information. Unlike the standard Disney + subscription, which costs up to $13.99 based on your plan, the scam informs its victims that the renewal price is set to $49.

Finally, they attach a phone number for their “customer support” team, who will then collect the victim’s data while pretending to work with Disney+.

“The emails are free of misspellings and have only a small number of minor grammatical errors. There are no phishing links, and the PDF contains no extra code or malware, so it can be safely downloaded without issue,” explains Abnormal Security.

These attacks see a lot of success due to their deceptive natures. Normal online security methods often fail to capture sophisticated social engineering attacks that rely on personalized phishing scams.

“SEGs only flag messages with obviously malicious indicators of compromise (IOCs) and lack the functionality to detect the use of social engineering.”

In addition, legacy security systems often flag malicious activity based on past reports, meaning new activity can go unseen for a while. Without the integration of artificial intelligence, security systems are simply unfit to keep up with modern threats.

Be sure to double-check the authenticity of all emails you receive and remember to keep an eye out for suspicious activity.