Overview
- German consumer advocates report emails posing as Spotify with the subject line "Wir konnten Ihre letzte Spotify-Zahlung nicht verarbeiten" that urge recipients to update payment details.
- A link in the message directs users to a spoofed website designed to capture credit card data, passwords and other personal information.
- Warning signs cited include a generic greeting, a dubious sender address, an off-brand or low-quality logo and strong urgency tactics.
- Spotify has not reported a breach of its systems, with the immediate risk coming from users entering data on the fraudulent site.
- Recipients are advised to delete or mark the email as spam, avoid clicking links, check account status only via Spotify’s official app or website and, if data was entered, change passwords, monitor accounts, contact the bank and consider filing a police report.