- The phishing campaign aims to gain users’ credentials to hijack their Spotify accounts.
- The victims are redirected to a malicious website that tricks them into divulging their credentials.
Security experts have discovered a new phishing campaign targeting Spotify users. The campaign involves hackers sending Spotify users phishing emails that appear to come from the music streaming service.
Once a link in the phishing email is clicked, the victim is redirected to a malicious website that tricks them into divulging their credentials. The phishing campaign was discovered by AppRiver.
According to the researchers, the credentials can not only help attackers obtain access to the victims' Spotify accounts but also potentially allow them to gain access to other online and banking accounts. What is more, the cybercriminals behind the campaign could also sell the stolen credentials on the dark web.
“Knowing just one password for a victim opens the door to a multitude of attack vectors,” David Pickett, cybersecurity analyst at AppRiver, told Threatpost. “Knowing how someone creates a password offers a personal glimpse into their password creation mindset and probability of overall attack success. This also gives an opportunity for social engineering using the same information which is important to the victim.”
Researchers also fear that the stolen credentials could be funneled through a password cracker to generate candidate passwords for a hybrid password attack.
“Password-cracking software such as John the Ripper and Cain and Abel are popular utilities for these attacks, but there are many others,” Pickett told Threatpost.
AppRiver researchers have warned users to always check the URL in every email message that they receive.
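The advice to check the URL in every message can be turned into a mechanical check. The following is an added example, not code from AppRiver or from the article; it assumes spotify.com is the only legitimate domain for the brand (a simplification; real mail filters use a public-suffix list and a fuller allow-list), and the email body it scans is constructed for the example, not a sample from the campaign. It extracts every link from an HTML email body and flags links whose real destination is not the brand's domain, links that embed the brand name inside an unrelated host, links that hide the true host behind `user@` userinfo, and links whose visible text shows a different address than the one actually followed.

```python
import re
from typing import Optional
from urllib.parse import urlparse

# Assumption for this example: the brand's only legitimate registrable domain.
LEGITIMATE_DOMAINS = {"spotify.com"}
BRAND_TOKENS = {d.split(".")[0] for d in LEGITIMATE_DOMAINS}  # e.g. "spotify"

# Matches <a ... href="...">visible text</a>; good enough for a constructed sample.
ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registrable_domain(host: str) -> str:
    """Naive eTLD+1: last two labels of the hostname (no public-suffix list)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def check_link(href: str, visible_text: Optional[str] = None) -> dict:
    """Return a verdict for one link: the real host and the reasons it looks suspicious."""
    parsed = urlparse(href.strip())
    host = parsed.hostname or ""
    reasons = []

    if parsed.scheme not in ("http", "https"):
        reasons.append("non-web scheme")
    if not host:
        reasons.append("no host in link")

    domain = registrable_domain(host) if host else ""
    if host and domain not in LEGITIMATE_DOMAINS:
        reasons.append(f"destination host {host} is not a known brand domain")
        # Brand name appearing inside an unrelated host is the classic lookalike pattern.
        if any(token in host for token in BRAND_TOKENS):
            reasons.append("brand name embedded in an unrelated host (lookalike)")

    # http://brand.com@real-host/ : the part before '@' is userinfo, not the host.
    if parsed.username is not None:
        reasons.append("userinfo before host hides the real destination")

    # Visible text that shows a URL for a different domain than the href points to.
    if visible_text:
        shown = re.search(r"https?://([^/\s]+)", visible_text)
        if shown and registrable_domain(shown.group(1)) != domain:
            reasons.append("displayed URL differs from actual destination")

    return {"href": href, "host": host, "suspicious": bool(reasons), "reasons": reasons}


def scan_email_html(html: str) -> list:
    """Extract every anchor from an HTML body and return the links that were flagged."""
    findings = []
    for href, text in ANCHOR_RE.findall(html):
        plain_text = re.sub(r"<[^>]+>", "", text).strip()
        verdict = check_link(href, plain_text)
        if verdict["suspicious"]:
            findings.append(verdict)
    return findings


# Constructed sample body (not from the campaign): one lookalike host, one link whose
# shown address differs from its target, and one legitimate link.
SAMPLE_EMAIL = """
<p>Action required on your account.</p>
<a href="https://spotify.com.account-verify.example/login">Verify your account</a>
<a href="https://verify.example/">https://www.spotify.com/verify</a>
<a href="https://accounts.spotify.com/password-reset">Reset password</a>
"""

if __name__ == "__main__":
    for finding in scan_email_html(SAMPLE_EMAIL):
        print(finding["href"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

Running the block prints the two flagged links with their reasons and stays silent about the genuine accounts.spotify.com link. The registrable-domain logic is deliberately naive (it would treat `co.uk` as a domain); a production filter should use the public-suffix list and the full set of domains the sender legitimately uses.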