Scammers have found another hole in our lives they can crawl through and nab our credentials: Spotify. And who’s to blame them? With hundreds of millions of users worldwide, it's no wonder scammers exploit Spotify's name and reputation to deceive people.
Spotify-related phishing scams have increased significantly, but there are several ways to protect yourself from falling victim.
Spotify phishing scheme #1
Scammers have modified the sender's name in emails to read "Spotify Premium” or "Your Premium payment failed." However, if you check the actual email address, it's not from Spotify – which can be difficult to do on a smartphone and only ramps up the possibility of users who are mobile-bound getting scammed.
What happens if you click the link? You risk kissing your personal information and possibly some money goodbye.
Spotify phishing scheme #2
The second scheme has the email subject “Important! We noticed unusual activity in your Spotify account.” Again, the email is designed to trick you into clicking a link within the email. MakeUseOf’s coverage of the scam shows this example of what such an email looks like…
“However, the email is fake, and the link takes you to a fake payment portal designed to steal your banking information,” MakeUseOf’s Gavin Phillips reported. “Note that when I scroll over the supposed link to reset my account or verify my details, the URL is a long, random alphanumeric string. It almost looks legit—but has nothing to do with Spotify at all.”
Here's a screenshot of what Phillips found:
Remember the Golden Rule
Phishing attempts are getting slicker and growing like weeds – thank you, National Data breach! And we simply can’t be too careful. There’s a laundry list of things you can do to protect yourself like two-factor authorization, but the most simple rule is the most golden one: if you're unsure where an email came from, don't click on any links. Simple as that.