Probable phishing attempt from Spotify in my inbox

Reply
1 person liked this

Probable phishing attempt from Spotify in my inbox

mrvanes
Regular

I've just received a very deceptive message supposedly coming from Spotify asking me to accept the new End User License Agreement (in Dutch).

 

I seriously doubt this mail is legit, because:

 

1. All links point to a URL starting with http://wl.spotify.com (no HTTPS)

2. If I navigate to https://wl.spotify.com/ I get a privacy warning saying that the certificate is invalid (which is correct, it belongs to *.sendgrid.net, a very suspicious wildcard certificate).

3. Navigating to http://wl.spotify.com/ results in a 404 served by an nginx server?

 

This CAN'T be real? But the mail threatens to disable my account if I don't accept the new license before march 15? What to do now?

5 Replies

Re: Probable phishing attempt from Spotify in my inbox

Rock Star 1
Rock Star 1

Hi @mrvanes,

 

Thanks for coming to the Community.

 

Just to let you know, this is a legitimate email from Spotify, don't worry about it. 

 

However, if you feel unsure about that, you can follow these steps to protect yourself from phishing and other threats information.

 

Hope this helps! :)

BruneliciaRock Star 1
Help others find this answer and click "Accept as Solution".
If you appreciate my answer, maybe give me a Like.
Note: I'm not a Spotify employee.

Re: Probable phishing attempt from Spotify in my inbox

mrvanes
Regular

You have got to be kidding? Can someone at Spotify please get his or her act together and send mails with properly protected and user verifiable url's, including this one?

 

Where can I find the EULA that I need to accept, without clicking the non-verifiable links?

Re: Probable phishing attempt from Spotify in my inbox

mrvanes
Regular

It seems the phishy URL's point to https://www.spotify.com/nl/legal/end-user-agreement/ but I see no option to accept?

1 person liked this

Re: Probable phishing attempt from Spotify in my inbox

Rock Star 1
Rock Star 1

Hi @mrvanes,

 

There are actually more users reporting this. Spotify's team will be looking into this.

I will let you know when I have more answers. 

 

Have a great day :)

BruneliciaRock Star 1
Help others find this answer and click "Accept as Solution".
If you appreciate my answer, maybe give me a Like.
Note: I'm not a Spotify employee.
2 people liked this

Re: Probable phishing attempt from Spotify in my inbox

Moderator
Moderator

Hey there @mrvanes,

 

Thanks for reaching out in the Community about this and apologies for the confusion. 

 

First of all, the email you received is indeed from Spotify.

 

We'll assume your acceptance of the updated Terms and Conditions if you continue to use Spotify 30 days from the date you received the email. If you accept them, you don't have to do anything. However, if you do not want to accept them, you can close your Spotify account before March 15, 2019. You can find the steps here.

 

Hope this helps clarify things! Have a lovely day :)

KaterinaModerator
Help others find this answer and click "Accept as Solution".
If you appreciate my answer, maybe give me a Like.
"Kindness is the language which the deaf can hear and the blind can see." - Mark Twain
SUGGESTED POSTS