Users of the famous Mickey video platform are currently receiving an email indicating that their payment method has expired. This is a phishing attempt intended to recover their banking details.
Disney++ is in a state of flux at the moment. After launching its subscription with advertising, like Netflix, Mickey’s SVOD decided to increase its prices. Also, from November 1, 2023, the Standard plan with advertising increases to €5.99 per month, the Standard plan to €8.99 per month and the Premium plan to €11.99 per month (see our article). A great opportunity for cybercriminals to try to recover your personal and banking information through a good old phishing campaign. In recent days, many people have received an email, presumably from the big-eared firm, asking them to update their payment method, we can see on Signal Scams. The message mentions “difficulties in processing” their payment. To remedy this, they are asked to click on a button “Validate payment information” referring to a page where you must enter your identifiers and bank details. A pretext of which Netflix is also often a victim (see our article).
Disney+ scam: a well-imitated fraudulent email
Scammers who practice phishing are making more and more efforts to imitate official messages by using the visual codes of brands and limiting French mistakes. Thus, we find in the email the blue color code of the platform, the high definition logo, the charter and presentation of the emails usually sent by Disney+, and a total absence of spelling errors. Obviously, the message is alarmist and invites you to urgently click on a button to regularize the situation, the deadline for integrating your data being October 31, 2023, i.e. today. Additionally, an account closure would be accompanied by a penalty of 49.99 euros – in reality, Disney+ never charges for account closures. Subscribers who fall for the trick and click on the fake link then find themselves on a copy of the Disney+ site, where they are encouraged to log in and provide their banking details in order to trigger a payment. In the process, the scammers collect valid Disney+ access codes which they can then resell on the Internet. Note, however, that the address in question, [email protected], appears to be the legitimate address of the Brazilian e-commerce site Magazine Luiza. It was allegedly usurped by pirates in order to carry out various fraud campaigns, including another this time using the identity of the online payment agency involved in the fine, ANTAI, or Impôts.Gouv.fr.
If you have ever been the victim or target of a message like this, consider deleting the message. If you ever clicked on the link or provided certain personal information, immediately change your password, as well as that of the other accounts where you use it – by the way, it is not recommended to use the same one for several accounts. And, if you have ever gone so far as to transmit your banking information, call your bank without further delay to take the necessary measures. In any case, forward the scam to Signal Spam or Pharos. You can also report these fraudulent messages to the site internet-signalement.gouv.fr.