Many Spotify users are currently receiving an email asking them to regularize their subscription payment. This is obviously a new phishing scam aimed at stealing their banking data.
With nearly 600 million active users worldwide, Spotify is arousing desire. And, with such success, the famous music streaming platform naturally attracts scammers, never lacking imagination to set up scams, as are the large social networks, which are regularly the target of cybercriminals. And this is currently the case with a new phishing campaign which is wreaking havoc, as reported The Parisian, many users having received a particularly suspicious email inviting them to regularize the payment of their subscription. A classic trap that many can still fall into.
Spotify Mail: a scam to steal your banking data
In this larger-than-life email, the scammers reveal they met “problems processing your Premium payment”. To regularize the situation, they invite their prey to verify their payment data within very short periods of time, under penalty of additional costs and even possible closure of their account. “We are unable to process your payment”we can read in the fraudulent email. “We kindly ask you to update and confirm your payment information before 04/12/2023. Otherwise, you will be charged a closing fee of €49.99”, say the cybercriminals. In the body of the email, we find in particular a large green button, reminiscent of Spotify’s graphic charter, which allows this so-called verification of banking information to be carried out. If you click this button, you will be taken to a copy of the Spotify site. A clone very similar to the moose, which allows cybercriminals to collect your banking data as soon as you enter it in a form.
Unfortunately, these phishing scams are very common. To avoid them, we invite you to systematically check the sender’s email address. As part of the Spotify scam, the address used is [email protected]. No connection therefore with any Spotify service, whose name should normally appear in the domain (@spotify.com). With this information, you can easily identify fraudulent emails from official messages.
More generally, to avoid a scam attempt, whether by email or SMS, we also recommend that you never respond to suspicious messages, call back the telephone numbers mentioned or even click on links you don’t know. You must be vigilant in all circumstances, even if the sender is a loved one. The latter may also have been hacked in order to share fraudulent content with you.
Finally, if you ever have doubts regarding an email coming from a service to which you are subscribed, go directly, and manually, to the customer area of the platform concerned to see if an official message is waiting for you!