Are you ready for a barrage of year-end subscription renewals?


If a PDF is attached, be extra careful

If you get a “subscription renewal” notice in your inbox in the next week or two, proceed with caution.

Scammers are lining up to ring in 2024 using artificial intelligence, brand names and more tricks to lure unsuspecting consumers into clicking on links, sharing personal information and paying for subscriptions they might not even have.

The New Year is the perfect scenario because most people think that when the calendar turns over, it’s only natural for subscriptions to renew.

Scammers usually use one of two variations of this – an “upcoming renewal” that needs to be paid or a “your subscription has automatically been renewed” and all you have to do is submit your payment to complete the transaction.

Google Cloud

One example that ConsumerAffairs saw this week was from a company using the subject line “Subscription renewal reminder,” saying that the recipient’s Google Cloud Storage subscription was set to renew in less than 10 days. All that needed to be done was click on a link, sign in to the person’s account, and pay $105.99. 

One problem is that the recipient doesn’t have a “Google Cloud Storage” account, but only a “Google One” subscription. “Google Cloud Storage” is primarily a business-based subscription, not a personal account.

Another is that the recipient’s “Google One” account doesn’t renew until June 2024. A third is that “Google One” only costs $99 a year, not $105.99.

The Mouse is in the house, too

Brand impersonation and phishing emails are being unleashed at an alarming level. Mike Britton of Abnormal says that his company’s researchers discovered 265 different brands impersonated by threat actors in credential phishing attacks over a six-month period. 

One of those getting a lot of the subscription notification action was Disney+. Britton said that each email contains an attached PDF named after the recipient – a new effort his team rarely sees. However, spending the time and effort to put together a PDF can add authenticity to a request.

“The emails are free of misspellings and have only a small number of minor grammatical errors. There are no phishing links, and the PDF contains no extra code or malware, so it can be safely downloaded without issue,” Britton said. Abnormal shared what these emails look like...


And, just like in the Google Cloud Storage email, the price the scammers are asking isn’t even close to reality. In the Disney+ one, unsuspecting consumers could wind up paying an inflated charge of $49.99 if they’re not careful – nearly three times the current Disney+ monthly charge.

The last angle you need to be aware of is any email that promotes urgency. Britton said that the Disney+ scammers were twisting the arms of the email recipients, telling them that the charge would be completed the same day and that they needed to call a certain phone number to stop the transaction.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.