A very simple Spotify phishing campaign

Researchers have discovered a phishing campaign aimed at the streaming service; although it is very simply crafted, it is important to spread the word about it

Researchers from a cybersecurity and digital forensics firm discovered a phishing campaign aimed at Spotify, the popular music streaming service. In this campaign, discovered in early November, the attackers used emails to try to deceive users of the streaming platform. The attackers' goal is to get users to hand over the access credentials to their accounts.

The email used by the criminals includes a link that redirects users to phishing websites that prompt them to enter their username and password. The attackers use the stolen information to compromise the Spotify accounts and any account on other services where the user reuses the same password.

“In this campaign the attacker tries to trick users into clicking on a phishing link, redirecting them to a deceiving website. Once on this site, users were asked to enter their username and password, which gives the attacker the ability to hijack an account,” the digital forensics specialists stated in their report.

The attackers set up a page identical to the legitimate Spotify login page; it differs only in its URL, something that almost no user checks.

The attackers tricked victims into clicking on a green button with the words “CONFIRM ACCOUNT”. The messages claim that the user's account has been restricted and ask them to click the button to reactivate it. After clicking this button, the user was redirected to the aforementioned deceiving website.

According to the digital forensics specialists, this campaign is put together in a very simple way, and a user who pays enough attention to the details could detect it without much difficulty.

The investigators published their security report with a single objective: to share information about a campaign that could deceive users who are unfamiliar with technology. Even though it is not a critical attack campaign, the information needs to be disseminated.

According to information from a cybersecurity firm, Spotify has nearly 60 million active users across more than 50 countries, which has established the platform as the fastest-growing music service worldwide.