Overview
- Phishing emails use the subject line “Wir konnten Ihre letzte Spotify-Zahlung nicht verarbeiten” and claim a failed payment with a 48-hour response deadline.
- Embedded links route to convincingly cloned sites designed to steal passwords and payment details, with red flags such as an unpersonal greeting, dubious sender address, and an incorrect logo.
- Germany’s Verbraucherzentrale advises moving the message to spam or deleting it, avoiding all links, and checking account notices only inside the Spotify app or on spotify.com.
- Those who entered data are urged to change credentials immediately, monitor accounts, alert their bank, and consider filing a police report.
- Parallel warnings highlight a broader phishing wave hitting bank customers, including a Sparkasse S‑ID‑Check spoof, with security observers forecasting more AI‑tailored lures in 2025.