Aussies warned over Spotify email: ‘Update your payment details’

Scammers are impersonating Spotify and trying to steal people’s bank details.

Spotify scam
A new phishing scam impersonating Spotify is hitting Aussies’ email inboxes. (Source: MailGuard/AAP)

If you are one of the millions of Aussies who uses Spotify, don’t get fooled by this new email scam.

Email security firm MailGuard is warning Aussie music-lovers about the new scam claiming to be sent by Spotify and tricking recipients into thinking their subscription payment has been declined.

The email has the subject line: “Spotify: We’re unable to bill you”, and uses the Spotify logo in its header.

“It’s time to update your payment details. We are still unable to process your payment. Your payment method is not working and we were unable to receive your payment,” the scam email reads.

The scammer claims there could be a problem with your bank, your card or an insufficient balance on your card.

“You will lose access to your account if there is no payment method associated with your account,” it says.

MailGuard said cybercriminals often used these tactics to create a sense of fear and urgency.

Spotify scam email.
MailGuard shared an email of the scam email. (Source: MailGuard)

“By threatening to revoke access, the attacker aims to manipulate the recipient into taking immediate action without thinking critically about the tell-tale signs of a scam hidden in the email and phishing page,” MailGuard said.

If the recipient clicks on the ‘update information’ button, they will be taken to a phishing page, which also uses fake Spotify branding.

It asks for them to update their payment details, including their full name, address, card number, expiration date and CVV, and then a one-time authorisation code.

“With these details, a scammer can engage in various malicious activities, such as identity theft and financial fraud,” MailGuard said.

Spotify has told customers it will never ask for personal information over email, including their payment information or password.

“An email is suspicious if the sender email doesn’t end in “@spotify.com”, or if you’re simply not sure about it,” Spotify said.

Aussies are being urged to delete the email immediately without clicking on any links.

Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to our free daily newsletter.