Hackers stealing customers’ Spotify details via WhatsApp scam

26 Jan, 2018 12:39 / Updated 7 years ago

A WhatsApp phishing scheme designed to steal the details of Spotify accounts has been revealed in Spain.

READ MORE: Spanish parents may spy on kids’ WhatsApp chats, court rules

Spanish users of the messaging service reported receiving a WhatApp message purportedly containing a URL for a one-year free subscription to Spotify Premium, the ad-free version of the popular music streaming service.

After clicking the link, oblivious users were directed to a page bearing the Spotify logo, the service’s font as well as its green and black color scheme. There, they were asked a series of questions before being asked to log into the platform.

"The real risk of this attack is that these cybercriminals will sell all these accounts on the black market," warns Luis Corrons, Technical Director of PandaLabs, the anti-malware service run by Spanish IT firm Panda Security.

It is not yet known how many people have been affected by the scheme. Spanish police issued a warning Wednesday. Writing on Twitter, the authorities said: “This is going on the playlist of the hottest scams.”

Corrons believes it is likely that the scam is being rolled out across many countries, requiring the page to be recreated in many different languages, but that scammers are using applications that provide imprecise translations. This makes the scam easier to spot.  

"Hackers who have developed this website have done so in many languages ​​to attack as many people as possible,” Corrons said. “For this, they will have used automatic translation tools, which often make certain inaccuracies difficult to locate for someone who is not native in a language."

If you like this story, share it with a friend!

READ MORE: 13 & under: Facebook launches Messenger for Kids

WhatsApp has recently moved to increase its security features. Earlier this week, WhatsAppen.com reported that the encrypted messaging service is working on new notifications for spam and chain messages. The proposed new feature, which is still in the testing phase, would notify users if a message they’ve received has been forwarded more than 25 times.