Scam subscriptions

Detailed Analysis

Phishing campaigns impersonating Anthropic have emerged as a notable cybersecurity threat targeting users of Claude, the AI assistant developed by Anthropic. These scam operations use the display name "Anthropic, PBC" in fraudulent emails that falsely claim a user's Claude subscription payment has failed, threatening to pause access to paid features such as Claude Pro. Victims are directed through a deceptive "Go to billing settings" call-to-action that leads to counterfeit billing pages designed to harvest sensitive financial data, including full names, card numbers, expiration dates, and security codes. The sender addresses in these emails do not match official Anthropic domains, though the visual design closely mimics legitimate Anthropic billing communications — a deliberate tactic to exploit users who are already familiar with the platform's interface and subscription structure.

The existence and growth of these phishing campaigns is directly tied to Claude's rising mainstream adoption. As Anthropic's products have scaled to a broad consumer audience — many of whom pay for Pro or Max subscription tiers — the brand has become an attractive impersonation target for cybercriminals. The scam's effectiveness relies on users having a real subscription and therefore finding the premise of a failed payment plausible. This is a well-documented pattern seen across other high-adoption SaaS platforms: as a product's user base grows, so does its value as phishing bait, since more recipients will have authentic relationships with the brand being spoofed.

Separately, but importantly, a distinct category of user grievances surrounds Anthropic's legitimate subscription model itself. Users of higher-cost tiers — particularly the $200-per-month Max plan — have reported frustration over unexpected usage caps, peak-hour throttling, token limits that exhaust early in billing cycles, and mid-cycle policy changes that were not clearly communicated at the time of purchase. These are not scams in a legal or criminal sense, but they represent a gap between marketed expectations and delivered experience. Anthropic has acknowledged at least some of these issues, responding to Max plan complaints with credits and repricing while citing high-usage abuse as a strain on infrastructure — a tension common to unlimited-style AI subscription offerings industrywide.

The convergence of these two issues — criminal phishing and legitimate subscription frustrations — creates a compounding reputational risk for Anthropic. Users already skeptical of subscription value are more psychologically primed to react to billing-related emails with anxiety, making them potentially more vulnerable to phishing tactics. The broader context here reflects a structural challenge facing the AI industry: subscription-based access to large language models involves dynamic computational costs that are difficult to fix at a flat rate, leading companies to impose usage limits that users often perceive as bait-and-switch. Competitors including OpenAI and Google have faced similar criticism over their premium tiers, suggesting this is a sector-wide growing pain rather than an Anthropic-specific failure.

For users, the clearest protective measures remain verifying any billing-related communications directly through anthropic.com rather than clicking links in emails, and avoiding the entry of financial data on any page reached through unsolicited messages. Anthropic, for its part, faces a dual imperative: reinforcing public awareness of impersonation campaigns while also addressing the legitimate trust deficit created by subscription model inconsistencies. In an industry where user trust is both a commercial asset and a safety-critical foundation, both challenges carry consequences well beyond customer retention.