Fake Spotify email is a phishing scam to get your Apple ID credentials



[ad_1]

A new phishing scam is targeting people by using a fake Spotify Apple ID.

The email contains the fake confirmation of a year's subscription to the site's premium streaming service – it's likely intended to make you feel better. The email prompts victims to click to link or "review your subscription."

It's a scam to get your Apple ID credentials, and it was caught by a cautious Reddit user. Apple ID credentials, they can have access to personal information, photos in iCloud, and the location of your Apple devices. They could even make your purchases without your immediate knowledge.

This scam is likely taking advantage of recent changes made to Spotify subscription payments. Spotify users used the option to pay for their Apple Premium Spotify via their Apple ID, but that's no longer the case as of August 6, 2018.

Red flags that it's fake

While it's an easy scam to fall, there are ways to check it's illegitimate. Check out the email below:

Reddit / The101maham

For one, there's a grammar mistake in the email's where it says "You are in for your subscription."

The other red flag is that the email subscription is from your Apple ID. If there were any changes or charges made to your Apple ID, the subscription confirmation email would come from Apple rather than Spotify.

Unfortunately, the screenshot taken by the Redditor does not show the sender 's email address, which would also help raise eyebrows. It might bear similarities to an official Spotify email address, but scam emails usually have some telltale signs that they're illegitimate, like random letters and numbers in the sender's email address.

If you click on the link in the email, it leads to a convincing-yet-fake Apple ID sign-in screen, where you're expected to enter your Apple ID credentials. Once you hit "Next," the information is likely to be directly responsible for the phishing scam.

Reddit / The101maham

Above, there's a clear sign that this Apple ID login screen is fake. The website's URL in the browser bar starts off with the words "myappleid-confirmcancellation," but the following words, "aijcbtgroup …," would not be associated with an official Apple website.

If it were real, the site's URL would also be green on Apple's iOS devices, indicating that it's a secure site with "HTTPS" certification. On computers, you should check the following:

Business Insider

Apple devices or email address Apple devices or email address Apple devices or email address Apple devices or email address Apple devices or email address Apple devices or email address Apple devices or email address . Still, it's better to be careful.

If you think you did not know your name, your next move is to change your Apple ID password right away.

[ad_2]
Source link