Here at the Seniors Discount Club, we can't stress enough the importance of staying on top of the latest news and information – especially when it comes to possible scams.

That's why we want to make sure you're all aware of a new email scam, posing as the popular digital music streaming service Spotify, that's doing the rounds, hoping to trick unsuspecting Australians into revealing their payment information.

So, if you're one of the many people enjoying the vast music libraries on the popular streaming service, you'll want to pay close attention to this warning.

It appears that cybercriminals are cunningly sending out fraudulent emails designed to look like they're from Spotify, implying that there may have been an issue with your subscription payment.

According to email security firm MailGuard, these scammers have become crafty, often using Spotify’s logo and using an alarming subject line: ‘Spotify: We’re unable to bill you.’

Spotify is a popular digital music streaming service. Credit: Spotify

The scam email aims to inspire fear and urgency in recipients by stating that their payment method hasn't worked and that there's a potential problem with their bank or card.

Furthermore, the email scaremongers by informing users that they'll lose access to their account if no valid payment method is associated with it.

MailGuard has warned that these tactics are often employed by cybercriminals to manipulate recipients into taking hasty actions without thinking through or spotting the scam's subtle signs.

In their statement, MailGuard explained that the sender name would read ‘Last Reminder’, but if you look closely, it’s actually sent from what appears to be a compromised support account.

Here’s what the email looks like:

If you look closely, the sender’s email address isn’t sent through Spotify’s official email. Credit: MailGuard

‘The email[…]then explains to the recipient that their payment details need updating as they have been unable to process a payment,’ the security firm warned.

Above the ‘Update information’ button, the email states that you will lose access to your account if no payment method is found associated with your account.

‘By threatening to revoke access, the attacker aims to manipulate the recipient into taking immediate action without thinking critically about the tell-tale signs of a scam hidden in the email and phishing page,’ MailGuard said.

Following the link in the email takes unsuspecting users to a phishing page, complete with fake Spotify branding, where they're requested to update their payment details. This includes:

• First name
• Last name
• Address
• City
• Postcode
• Card number
• Expiration date
• CVV

Armed with this personal payment data, the perpetrators can engage in nefarious activities, such as identity theft and financial fraud.

Here’s an example of this fraudulent page:

Scammers are using sophisticated methods to trick people out of their hard-earned money. Credit: MailGuard

​

According to MailGuard, after being shown the web page, ‘the victim will be asked to enter a one-time authorisation code to verify the transaction’.

‘These verification pages are commonly used when purchasing items online, so it may not raise suspicion in the victim.’

‘However, in phishing attacks, it’s often an indication that the scammer is attempting to charge the victim’s card to confirm its validity,’ the warning continued.

You can see the example below:

This page will appear after entering your personal details. Credit: MailGuard

MailGuard advises recipients of this email to delete it immediately without clicking on any links.

‘Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its financial well-being,’ it said.

Spotify has gone on record to state that it will never request personal information, payment data, or passwords through email correspondence.

They've advised customers to be highly suspicious of any emails that don't originate from an '@spotify.com' email address, urging them to delete the email without clicking on any links.

Remember these tips! Image credit: The Seniors Discount Club

MailGuard also urges everyone not to click on any links or open attachments within emails. This includes emails that:

• Are not addressed to you by name.
• Appear to be from a legitimate company but use poor English or omit details that a legitimate sender would include.
• Are from senders you were not expecting to hear from.
• Would take you to a website with an illegitimate URL.

This isn’t the first time MailGuard issued a warning to users about phishing emails. Earlier this year, the email security firm said cybercriminals are now impersonating DocuSign, an online service where people can view and sign agreements electronically.

According to MailGuard, the attack uses the target’s workplace (former or current) or business name to convince victims of its legitimacy.

‘The attacker has also made it appear as though the email has been sent from an account at the recipient’s company, adding further plausibility to this being a genuine alert,’ they advised. You can read more details about this scam here.

Key Takeaways

• Email security firm MailGuard is warning Aussies about a new email scam claiming to be sent by Spotify.
• The scam email tricks recipients into thinking their subscription payment has been declined and asks them to update their payment details.
• If the recipient clicks on the ‘update information’ button, they will be taken to a phishing page asking for personal and payment information.
• Spotify has told customers it will never ask for personal information over email, and Aussies are urged to delete the email immediately without clicking on any links.

Have you spotted any false emails during your online activities? Share your experiences with us in the comments below!

 

[Georgie27]

We have had one recently declaring that our credit card was declined in paying our Internode account. It was sent to the wrong person. We do not pay by credit card.
It was all spaced between words.

 

[MiasMum]

I get emails from my "Internet Provider" every month, telling me that my payment didn't go through.....funny that....they always seem to come a couple of days after I get my receipt from the company!

 

[Kman]

First thing I noticed was that the senders email address line ended in
.za - Zambia?

I get this garbage frequently. There is always grammar, punctuation, spelling, spacing errors and more.

 

[LynS]

Yep, nothing new here. I get emails all the time from Netflix, Telstra, Stan etc. telling me my payment didn't go through, None of these emails ever address me by name, it's always dear Customer, which should ring alarm bells immediately. They are all rubbish and I delete them straight away. Surely no one in this day and age gets taken in by these!!

 

[freedy50]

First thing I noticed was that the senders email address line ended in
.za - Zambia?

I get this garbage frequently. There is always grammar, punctuation, spelling, spacing errors and more.

It's a South Africa domain.

 

[ToniaKisliakov]

I get plenty of such scams and never ever click on any links or google docs! This also includes the all too many annoying links and pop ups by Seniors discount club! I like to do my own research and not by ads

 

[Janet g]

Yep, nothing new here. I get emails all the time from Netflix, Telstra, Stan etc. telling me my payment didn't go through, None of these emails ever address me by name, it's always dear Customer, which should ring alarm bells immediately. They are all rubbish and I delete them straight away. Surely no one in this day and age gets taken in by these!!

Unfortuatly people still get sucked in

 

[LynS]

Unfortuatly people still get sucked in

People get sucked in because they think they are getting something for nothing or at a supposedly good price. People are just greedy.

 

[Teddy10]

Here at the Seniors Discount Club, we can't stress enough the importance of staying on top of the latest news and information – especially when it comes to possible scams.

That's why we want to make sure you're all aware of a new email scam, posing as the popular digital music streaming service Spotify, that's doing the rounds, hoping to trick unsuspecting Australians into revealing their payment information.

So, if you're one of the many people enjoying the vast music libraries on the popular streaming service, you'll want to pay close attention to this warning.

It appears that cybercriminals are cunningly sending out fraudulent emails designed to look like they're from Spotify, implying that there may have been an issue with your subscription payment.

According to email security firm MailGuard, these scammers have become crafty, often using Spotify’s logo and using an alarming subject line: ‘Spotify: We’re unable to bill you.’

View attachment 20413

Spotify is a popular digital music streaming service. Credit: Spotify

The scam email aims to inspire fear and urgency in recipients by stating that their payment method hasn't worked and that there's a potential problem with their bank or card.

Furthermore, the email scaremongers by informing users that they'll lose access to their account if no valid payment method is associated with it.

MailGuard has warned that these tactics are often employed by cybercriminals to manipulate recipients into taking hasty actions without thinking through or spotting the scam's subtle signs.

In their statement, MailGuard explained that the sender name would read ‘Last Reminder’, but if you look closely, it’s actually sent from what appears to be a compromised support account.

Here’s what the email looks like:

View attachment 20414

If you look closely, the sender’s email address isn’t sent through Spotify’s official email. Credit: MailGuard

‘The email[…]then explains to the recipient that their payment details need updating as they have been unable to process a payment,’ the security firm warned.

Above the ‘Update information’ button, the email states that you will lose access to your account if no payment method is found associated with your account.

‘By threatening to revoke access, the attacker aims to manipulate the recipient into taking immediate action without thinking critically about the tell-tale signs of a scam hidden in the email and phishing page,’ MailGuard said.

Following the link in the email takes unsuspecting users to a phishing page, complete with fake Spotify branding, where they're requested to update their payment details. This includes:

• First name
• Last name
• Address
• City
• Postcode
• Card number
• Expiration date
• CVV

Armed with this personal payment data, the perpetrators can engage in nefarious activities, such as identity theft and financial fraud.

Here’s an example of this fraudulent page:

View attachment 20415

Scammers are using sophisticated methods to trick people out of their hard-earned money. Credit: MailGuard

​

According to MailGuard, after being shown the web page, ‘the victim will be asked to enter a one-time authorisation code to verify the transaction’.

‘These verification pages are commonly used when purchasing items online, so it may not raise suspicion in the victim.’

‘However, in phishing attacks, it’s often an indication that the scammer is attempting to charge the victim’s card to confirm its validity,’ the warning continued.

You can see the example below:

View attachment 20416

This page will appear after entering your personal details. Credit: MailGuard

MailGuard advises recipients of this email to delete it immediately without clicking on any links.

‘Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its financial well-being,’ it said.

Spotify has gone on record to state that it will never request personal information, payment data, or passwords through email correspondence.

They've advised customers to be highly suspicious of any emails that don't originate from an '@spotify.com' email address, urging them to delete the email without clicking on any links.

View attachment 20425

Remember these tips! Image credit: The Seniors Discount Club

MailGuard also urges everyone not to click on any links or open attachments within emails. This includes emails that:

• Are not addressed to you by name.
• Appear to be from a legitimate company but use poor English or omit details that a legitimate sender would include.
• Are from senders you were not expecting to hear from.
• Would take you to a website with an illegitimate URL.

This isn’t the first time MailGuard issued a warning to users about phishing emails. Earlier this year, the email security firm said cybercriminals are now impersonating DocuSign, an online service where people can view and sign agreements electronically.

According to MailGuard, the attack uses the target’s workplace (former or current) or business name to convince victims of its legitimacy.

‘The attacker has also made it appear as though the email has been sent from an account at the recipient’s company, adding further plausibility to this being a genuine alert,’ they advised. You can read more details about this scam here.

Key Takeaways

• Email security firm MailGuard is warning Aussies about a new email scam claiming to be sent by Spotify.
• The scam email tricks recipients into thinking their subscription payment has been declined and asks them to update their payment details.
• If the recipient clicks on the ‘update information’ button, they will be taken to a phishing page asking for personal and payment information.
• Spotify has told customers it will never ask for personal information over email, and Aussies are urged to delete the email immediately without clicking on any links.

Have you spotted any false emails during your online activities? Share your experiences with us in the comments below!

 

[Teddy10]

After reading your information about Spotify i can add something extra that wasn't mentioned. I've not received any emails from them but the other day when i turned my computer on I saw 'Spotify installing...' go accros the screen before the computer got to the homepage. I had to be quick to see it and I wondered if this is or will be a problem ? I use Spotify free version with no cost involved so i consider myself safe.