Receiving an urgent email from one of the world’s leading brands may cause you to sit up and take notice, but sometimes it also calls for a critical need to be more vigilant before taking action.
MailGuard intercepted an email phishing scam purporting to be from Spotify this morning (AEST), the 5th of December.
The malicious emails arrive in inboxes using the display name ‘Spotify’ and are titled ‘Your payment didn’t go through’. The body of the email contains the Spotify logo. It informs recipients that because their payment wasn’t accepted, their subscription has been paused. As a consequence, ‘you will now start hearing ads and you can no longer listen to your favourite songs offline’. To fix this problem, a button is provided with the words ‘Get Premium’.
Here is a screenshot of the email:
Unsuspecting recipients who click on the link to ‘Get Premium’ are led to a fake Spotify-branded phishing page that asks for their login details:
Upon ‘logging in’, users are then taken to a similar-looking page asking them to update their payment information, including their credit card and CCV numbers.
Having inserted their credit card details, users are then led to a third page using the same branding & logos. This time, it asks users to update their billing address, as per the below:
Clicking ‘finish’ finally redirects users to a Spotify page containing a ‘404 error’.
As you can see from the screenshots above, all of the phishing pages are legitimate-looking copies of pages purporting to be from Spotify. Cybercriminals have taken great pains to incorporate the exact colour scheme, logo, fonts and popular images commonly found in Spotify pages in a bid to convince the user that the email is actually originating from the digital music service.
In addition, the email contains several other techniques that are designed to trick recipients:
Despite these techniques to fool users into thinking the email is authentic, eagle-eyed recipients will spot red flags that point to its illegitimacy. These include several spacing and formatting errors in the body of the email.
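As a defender-side illustration of the red flags described above, here is an added example (not MailGuard's code and not part of the original alert): a small Python checker that flags a message whose display name claims to be Spotify while the sender address or the links in the body point outside spotify.com. The sample message, its sender address and its link hosts are constructed placeholders; spotify.com is assumed to be the brand's legitimate domain.

```python
# Added example: flag brand impersonation in a raw email (display name vs. domains).
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: spotify.com is the brand's legitimate domain; its subdomains are accepted.
BRAND_DOMAINS = {"spotify": "spotify.com"}


class _LinkCollector(HTMLParser):
    """Collect every href from <a> tags in the HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def _belongs_to(host, domain):
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def brand_impersonation_flags(raw_bytes):
    """Return the red flags found in one RFC 5322 message (empty list if none)."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    display, address = parseaddr(str(msg.get("From", "")))
    brand = next((b for b in BRAND_DOMAINS if b in display.lower()), None)
    if brand is None:
        return []  # display name does not claim a brand we track
    domain, flags = BRAND_DOMAINS[brand], []
    sender_domain = address.rpartition("@")[2]
    if not _belongs_to(sender_domain, domain):
        flags.append(f"display name claims {brand} but sender domain is {sender_domain}")
    body = msg.get_body(preferencelist=("html", "plain"))
    collector = _LinkCollector()
    if body is not None:
        collector.feed(body.get_content())
    for href in collector.hrefs:
        host = urlparse(href).hostname or ""
        if not _belongs_to(host, domain):
            flags.append(f"link to {host or href} is outside {domain}")
    return flags


# Constructed sample modelled on the lure described in the alert (placeholder domains).
SAMPLE = b"""From: Spotify <billing@mail-example.test>
Subject: Your payment didn't go through
Content-Type: text/html; charset="utf-8"

<html><body><p>Your subscription has been paused.</p>
<a href="https://premium-example.test/login">Get Premium</a></body></html>
"""
```

Running `brand_impersonation_flags(SAMPLE)` reports both the mismatched sender domain and the off-brand ‘Get Premium’ link; a message from spotify.com whose links stay on spotify.com produces no flags.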
Spotify is a popular and well-trusted company with an immensely large customer database, so its branding makes a good lure for cybercriminals looking to deceive people.
The company advises members to remember that it will never ask for your personal information over email. This includes:
If you see an email from Spotify, please exercise caution and make sure it is a legitimate communication before you open it. If you are unsure if a PayPal email is legitimate, simply contact the company directly.
Please share this alert with your social media network to help us make more people aware of the threat.
To protect your business against scams like this fake Spotify-branded phishing email:
MailGuard urges all recipients of this email to delete it immediately without clicking on any links.
Don't get scammed
If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.
Talk to a solution consultant at MailGuard today about securing your company's network.