Spotify scam harvests users' credit card details
A Spotify email phishing scam is making the rounds, telling users their ‘payment didn’t go through’.
The malicious emails contain the Spotify logo and inform recipients that, because their payment wasn’t accepted, their subscription has been paused.
It says: “You will now start hearing ads and you can no longer listen to your favourite songs offline.”
It then urges customers to sign up for Spotify’s ad-free Premium service.
Users who click the button will be led to a fake Spotify-branded phishing page that asks for their login details, and are then prompted to update their payment information - including their credit card and CCV numbers.
MailGuard first intercepted the email on 5 December, warning users to be more vigilant before taking action.
“Cybercriminals have taken great pains to incorporate the exact colour scheme, logo, fonts and popular images commonly found in Spotify pages in a bid to convince the user that the email is actually originating from the digital music service,” MailGuard stated.
But despite these techniques to fool users, MailGuard says there are some red flags.
“These include several spacing and formatting errors in the body of the email.”
The company says it will never ask members for personal information like payment info, account passwords or tax ID numbers via email.
Make your money work with Yahoo Finance’s daily newsletter. Sign up here and stay on top of the latest money, news and tech news.