A DANGEROUS and convincing “Disney+” scam email could empty your bank account.
Cybersecurity experts have revealed what the message looks like – and are urging users not to fall for it.
1
A popular way to scam victims is through “phishing” – pretending to be a well-known brand to trick you into handing over cash or info.
Criminals often use big brands – like Disney+, in this case – that email users feel familiar with, and may even use.
Phishing scams are popular because they’re very easy to carry out, but they can be very dangerous if criminals put in effort to make them convincing.
Now Abnormal Security has issued an urgent warning over a Disney+ scam that is designed to look very real – and it’s extremely dangerous.
It even names the victim personally in an attached billing document.
Cyber-experts say this is highly unusual – and could be enough to convince innocent victims to fork over info and even cash.
“What sets this attack apart is the level of personalization and attention to detail employed by the perpetrators,” said Mike Britton, Chief Information Security Officer at Abnormal.
He warned that even “vigilant individuals” would struggle to spot this malicious attack.
Most read in News Tech
How does the scam work
The scam warns you that you’ve got a big Disney+ bill to pay.
And you’re asked to contact the support team if you didn’t approve it.
The email includes an attachment with your name, and details the sum of money that you’re going to need to pay.
“The message states that, per the contract signed during the initial registration process, the recipient will be automatically billed on September 21 – the same day the notification was sent,” Britton explained.
“The email continues by explaining that if the payment is authorized, no further steps are required.
“However, if the recipient did not approve this transaction, they can contact the support team.”
The idea is that you call the support number on the email, which is where things start to go wrong for you.
You’ll be asked to provide sensitive info like banking details or login info, the Abnormal report explains.
And this will be used to “complete fraudulent transactions or compromise accounts”.
You may also be asked to download software to “assist with stopping the charge”, but it’s actually malware that lets criminals control your computer.
How to stay safe
Always be extremely cautious if you receive any emails asking for – or warning you about – payments.
Never use contact details included in an email like this.
Instead navigate to the official website – like www.disneyplus.com – and contact support through there using verified details.
Then you can check whether the email you’ve received is real or fake.
Read more on The Sun
Also, check to see if the email came from a legitimate address or has strange formatting or typos.
Never hand over any sensitive information over the phone unless you’re sure that you’re talking to an official company representative – and that they absolutely need it for a legitimate reason.
