Announcements

Help Wizard

Step 1

NEXT STEP

FAQs

Please see below the most popular frequently asked questions.

Loading article...

Loading faqs...

VIEW ALL

Ongoing Issues

Please see below the current ongoing issues which are under investigation.

Loading issue...

Loading ongoing issues...

VIEW ALL

Received an email address confirmation request, but didn't attempt to confirm my address

Solved!

Received an email address confirmation request, but didn't attempt to confirm my address

I just received an email from Spotify requesting me to confirm my email address. However, I wasn't trying to confirm my email address through Spotify. Is this a legitimate request from Spotify, or is it someone trying to hack my account? The "from" email address seems legitimate (no-reply@spotify.com), and the link seems to point to Spotify's website, but the request just seems a little odd, especially since I log in via Facebook.
Reply

Accepted Solutions
Marked as solution

Thanks to those who pointed me to the suspicious email page. I forwarded the email to the Spotify team, who confirmed the email is legitimate:

"Hey [xxxxxxxxx],

Thanks for contacting us. We hope this email finds you feeling good.

We've checked it out and this email is from us. So it's safe to click on the links in it.

Feel free to continue forwarding suspicious emails to this email address. Your security is always our top concern.

Let us know if you have any other questions.

All the best,

Felicia

Spotify Customer Support"

Thanks again!

View solution in original post

21 Replies

I just got the same email (see attached screenshot). This was very out of the blue.

 

I did click the "confirm email" link, and it directed to this link: https://www.spotify.com/ca-en/email-verification/success/

 

 

spotify-sketchy-confirm-email.PNG

Same here...i also got this E-Mail.

I got the same email asking for verification and I've confirmed with spotify rep. that it is legit, see my transcript below:

 

Omarie D

 at 14:03, Jun 30:

I'm glad you contacted me to let me know that you need assistance with confirming an email verifying your email address. No worries, I'll be happy to check this out for you.
  
Omarie D
 at 14:03, Jun 30:
From what email address was that from?
  
You
 at 14:04, Jun 30:
<no-reply@spotify.com>
 
Omarie D
 at 14:05, Jun 30:
This is a legitimate email from us as we're testing out an email verification service. 

Same here just received it today but, in a different language

I received the same thing one hour ago and was heading to the community to post a question, because this email looks anything except legit. If it is legit, as some of you are saying, it shows extreme innocence from someone in Spotify. With very recent attacks with file-encripting viruses, I cannot discard a massive attempt of phising. Paranoid? Yes. That's why I survive, because I smell danger before it becomes a danger.

 

Besides, what is the need of confirming anything? If there is a need, do explain us please.

 

On the other side, you don't need to be a hacker to send an email that looks as if it were sent by a determinate address. It is relatively easy.

 

Solution: Dear Spotify, if you want to tell us something, say it within the app, or in the browser player. We will rather believe it is from you.

 

- even if you sign up with facebook, since facebook knows your email address, Spotify knows it as well. No secret.

- if this is a test... well, I am not a lab monkey.

 

No, I am not clicking on that button. Not before doing a complete backup of all my files.

I got this email today at noon, also thinking it's kinda suspicious since I also sign in with Facebook. The sender is no-reply@spotify.com

I also got this.  An email purporting to be from spotify, asking me to confirm my email address?  This reeks of phishing, I won't be responding, but if those who choose to respond could keep us up to date, much appreciated.

I also confirmed that this was a legit email with a spoitfy rep (via the help chat).

However, I recommend everyone do this. That way you can regester their displeasure with the practice of cold emailing. Below is the arguement I used.

 

The problem with sending emails cold (i.e. out of the blue, without notice), is that you  normalise the practice of sending cold emails, thereby eneabling and supporting the use of phishing scams in the future. This could be easily fixed by having a window pop up in the app saying "confirm email required, click here to send email to your@address.com.au"



Marked as solution

Thanks to those who pointed me to the suspicious email page. I forwarded the email to the Spotify team, who confirmed the email is legitimate:

"Hey [xxxxxxxxx],

Thanks for contacting us. We hope this email finds you feeling good.

We've checked it out and this email is from us. So it's safe to click on the links in it.

Feel free to continue forwarding suspicious emails to this email address. Your security is always our top concern.

Let us know if you have any other questions.

All the best,

Felicia

Spotify Customer Support"

Thanks again!

Okay, I'm not the only one. I just got one a few hours ago. Reason why I'm very suspicious is because I'm a varified music artist on Spotify with a blue check mark and following...
I confirmed my email a LONG time ago because it's a requirement to get varified, so why would I need to again? Very very strange.
Screenshot_20170704-133649.png

This was suspicious to me as well since I check all the emails I've received from Spotify are from hello@spotify.com ... jsyk if anyone employed by them checks here.

Yep I got the same. Looks like it is 'legitimate', and so is INCREDIBLY STUPID of Spotify.

 

Their own website says do not click on suspicious links, and boy, does this look like one.

The ONLY saving grace is that the link is actually to spotify.com

 

But it also encodes your email address in that very long string of characters.

 

What on earth are Spotify trying to do? If they want to verify my email address, then address the email personally to me, using the details they have. And give me a clean link to do so, along with a suggestion that if you unsure, please login in to spotify normally, and verify your email from there.

 

I just did, and there is no mention of this 'verification' in my account.

 

Truly absurd behaviour from such a large company. 

 

Neal

I came here to find out if it was legit, but will absolutely not be confirming my email address in this fashion for the principle of the matter, just as a previous poster stated. I will happily confirm if needed (why is it needed) from inside the app. What an absolutely reckless move from an otherwise relatively reputable company. I will let them know my feelings about this, as should anyone else who feels the same.

I got the same email confirmation mail just out of the blue right now. I've been a Spotify user almost since the beginning with the same email, and now I'm suddenly getting a suspicious e-mail asking me to click a link to confirm my email?

 

The absolutely FIRST thing one learns is that serious sites and services never asks you to click on links in mails to confirm anything, they tell you to go to your site or service, log in and THEN confirm it from there. 

 

This doesn't seem very secure or professional...

Ah yes, but who is to say that "Felicia" is real? Just joking. I got the email and was just as baffled as anyone else. Tracked it, traced it, and otherwise vetted it using headers etc., and finally gave it what it was asking for (with a Linux machine and a plethora of script-blocking and other protection). Never thought to just ask out here. The difference between the brain of an IT nerd and a regular humanoid!

I just got an e-mail to confirm my account too. I never registered an account on Spotify, except for now through a disposable mail address, just to write this comment.

 

I was watching this music video on Youtube:

https://www.youtube.com/watch?v=DwBqDtFE3og

 

The infobox contains a link to a third-party site to download the track on various shops:

https://IDOL.lnk.to/CetteFoutuePerle

 

There I clicked on the Google Play Store one, but then left the page. I then received the confirmation mail from Spotify on my gMail address. How is it possible that Spotify gets my gMail address even though I never ever visited Spotify before? That's a security issue and breach of privacy!

And now I received an e-mail about a free 30 days offer "because I signed up on Spotify". I really don't know what's going on here. I never signed up on Spotify with my gMail address.

Suggested posts