Spotify Phishing Scam

 

Whilst carrying out one of my routine Microsoft 365 Defender Quarantine checks this morning I came across a lovely example of one of the better phishing examples I’ve seen in quite some time.

The email of course was tagged as High Confidence Phishing by Microsoft which means the system is doing its job but for those who may not be so lucky to have the benefit of such technologies (the team here at Deployus are always happy to discuss any concerns around Cyber Security matters) it could be something that someone could easily fall for.

So, what was found? A quite legitimate looking email advising that your Spotify account and a renewal issue. Of course, looking at the links, these were not directed to Spotify at all and should be the first sign of a phishing attempt besides the sender address being spotify@mail.com. Otherwise quite a good looking and legitimate looking email.


Clicking on those links take you to a very legitimate log-in page, which does not even require any valid credentials of course. Once this page is passed you’ll get the below, a Verify Your Payment Details page, all looking very Spotify and legitimate.

From there once details are entered it’ll head to a fake verification code, which of course won’t work and by then the scammers are off spending your hard earned money.

At the end of the day the scammers are trying harder, continue to target high volume use services and you’re not just always being phished for your user credentials; credit cards and even any form of ID is a valuable and saleable commodity in the current digital landscape.

 

Have Any Questions? 

To learn more about scams and cyber attacks, check out our blog post on the Current Online Scams in Australia and how you can protect yourself. 

If you have any further questions regarding phishing attacks or other cybersecurity concerns, require cyber security training for your organisation or wish to carry out phishing simulations on your workforce, please don’t hesitate to contact us today or head to our website to learn more about our services