Scam of the Week: Disney+ Subscribers Targeted by Phishing Scam

Disney Subscribers Targeted by Phishing Scam

Disney Phishing Scam

Following the launch of the highly anticipated Disney+, subscribers are being warned of a vicious email scam that attempts to harvest their personal information.  

More than 10 million people have already subscribed to Disney+ since it launched last week, with The Walt Disney Company claiming to have experienced “extraordinary consumer demand”.  

The recent scam calls on customers of the newly launched streaming service to change their password over “security concerns”, and requests that they input their private account information to update their details. 

The phishing email explains that there may be a problem with the recipient’s credit card information and their account will be locked until the issue has been resolved. 

Disney+ phishing email

With the aim of creating a sense of urgency, the recipient is prompted to click the ‘update account now’ button to activate their account. However, this link then directs unsuspecting victims to a phishing webpage which is cleverly disguised by Disney+ branding. 

As is the case with many similar phishing scams, the dupe website is set up to harvest personal and financial details which can then be sold illegally online. It’s simple for these websites to trick unknowing victims as they will often mirror the styling and branding of a legitimate website. Research reports nearly 1.5 million phishing sites are created each month and are usually highly targeted, sophisticated, hard to detect, and difficult for users to avoid.

The scam comes after the news that thousands of login details for Disney+ accounts have appeared on the dark web, prompting fears that customers have been hacked. Users on social media are saying they are finding unauthorised names and extra profiles added to their accounts when logging in, and others have reported that their contact email and password changed, blocking them from using their own account. 

Disney phishing
Tweets on phishing scam

However, Disney claims that its security systems have not been compromised, saying in a statement that it “takes the privacy and security of our users’ data very seriously and there is no indication of a security breach on Disney+”. 

These types of scams highlight the importance of using unique passwords for all online accounts, as well as implementing extra security measures like two-factor authentication when possible. 

To protect yourself from falling victim to a phishing scam, you should follow the below guidelines: 

  • Never click on links or download attachments from unknown sources. 
  • Always verify the security of a website. 
  • Pay close attention to the spelling of an email or web address, if there are any inconsistencies, delete immediately. 
  • Ignore and delete emails with poor grammar and formatting. 
  • Install the latest anti-virus software solutions on all your devices. 
  • Use strong passwords to reduce the chance of devices being hacked and use different passwords for different accounts. 
  • Question the validity of any email that asks you to submit personal or financial information. 

Create a More Security Conscious Workforce 

The Ultimate Guide to Phishing

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

What is Credential Stuffing

What is Credential Stuffing?

Credential stuffing has been dominating the headlines in recent years and has fast become the attack method of choice used by cybercriminals. Between January 1,
Read More »
Protecting Charities from Cybercrime

Protecting Charities from Cybercrime

This week is Charity Fraud Awareness Week and it’s been specifically set up to provide charities with valuable advice on how they can protect themselves from the threat of fraud and cybercrime.
Read More »