Disney World hotels guests involved in phones scams. Disney World hacked?

Multiple guests at Disney’s Polynesian Village Resort and Disney’s Contemporary Resort have been embroiled in a scandal over alleged phone fraud. According to experts from a cyber security course, affected users report receiving calls to their hotel rooms allegedly coming from the hotel reception. Scammers request confirmation of some of the victim’s data (domicile, card number, among others) in order to make fraudulent charges to their payment cards.

Although it is not yet known how, it has been confirmed that fraud managers have access to guests’ phone lines, and they also know personal data such as name, room number and even customer request history, making the scam more legitimate-looking.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es disneyresort01.jpg

“After requesting a room service, I received a confirmation call to verify my credit card number; when I realized, my card had been used to make purchases at multiple local stores,” says one user, adding that the scammers spent more than $400 with their card. 

According to the experts of the cyber security course, the hotel administration asked the victim to return to the facility to fix the incident, reporting the fraud to the local authorities. Today, reports have arrived from guests staying at Disney’s Contemporary Resort experiencing a similar scam. Like the incident at Polynesian, another guest received a call after requesting towels. In that case, the fake front desk employee told customers that they needed to confirm their addresses and payment card numbers, which led to the commitment of their payment cards.

Disney is aware of the incident, as fraudulent charges were first reported to the hotel’s customer service area. Walt Disney World Resort does not offer guests any recovery, as charges were not made at Disney-affiliated companies, cyber security course specialists mention.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.