TechBeware: Scammers mimic Spotify to steal your data

Beware: Scammers mimic Spotify to steal your data

Scammers are impersonating Spotify. Users of this popular app might receive a fake email, which, if carelessly opened, could lead to serious consequences.

Spotify significantly raises fees
Spotify significantly raises fees
Images source: © Canva
ed. KLT

12 May 2024 08:02

Cybercriminals are trying to deceive their victims by impersonating popular companies. One phishing campaign currently targets Spotify. Scammers are sending out fake emails that encourage clicking a link to "update your payment method."

This email is convincing because the sender's address looks identical to the real domain of the music service. Only upon close examination can one notice that it is completely different. It's not surprising that users easily fall into the trap, as the content of the email is much better crafted than most spam.

The link leads to a page impersonating Spotify. The first step to "verify your payment method" is to log into the service. The welcome page looks very convincing, with the only giveaway being the incorrect URL.

If someone enters their login details, they are immediately redirected to a tab dedicated to paying for a subscription. "Updating" the payment method requires providing information such as a first name, credit card details, and a residential address. In the case of this scam, one may encounter two serious issues.

The first is sharing your login information on a fake site, which allows cybercriminals to access your Spotify account. After changing the password, regaining control over your account may be difficult.

The second issue is providing credit card details. Scammers could use this information to activate a paid subscription on your account or to authorize transactions. You might notice regular statements from your account without even being aware of it.

What to do if you receive such an email?

If you’ve received such a message, first and foremost, remain calm. You are not in danger if you don’t click on the link and provide your details. Just report the message as spam, and you can forget about it.

However, if you did provide your login and credit card details, it’s crucial to log into your Spotify account and change the login information. Make sure the new password is strong and unique. You can also secure your access by activating two-step verification. Then, contact your bank and block your credit card.

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.