PayPal and Spotify scam emails are on the rise. Here’s how to stay safe
Source : PCWorld.com
Publié le : mercredi 10 septembre 2025 à 14:40
Both PayPal and Spotify have made negative headlines in recent weeks. In late August, a data leak of 15.8 million PayPal accounts appeared for sale on the web. More recently, Spotify went live with a new Messages feature allowing users to send private messages, and later this month Spotify will be cracking down on account sharing and pricing arbitrage. As if all this wasn’t enough to stress out PayPal and Spotify users, fraudsters are now targeting customers of both services with phishing emails. Not a surprise since phishing attacks are on the rise. Watch out for Spotify phishing scams Fake Spotify emails are circulating with subjects like “Update your payment information” or “Important notification about your payment.” The greetings in these emails are often impersonal, like “Dear user.” The emails state that your last “Spotify Premium payment” allegedly couldn’t be processed. In order to continue using Spotify without any interruptions, your payment details need to be updated. The fraudsters also want to put you under a time pressure by setting a deadline of two days for you to update your payment details. If you don’t, the email reportedly says your Spotify account will be blocked. At the end of the email is a big green “Update payment” button that takes you to a fake page, where you’ll enter your login credentials—and the fraudsters will then have access to your Spotify account. Spotify phishing emails aren’t uncommon, and there’s even a dedicated support page called “Is this Spotify email legit?” with tips on how to differentiate legit emails versus fake emails. Watch out for PayPal phishing scams Fake PayPal emails are always circulating, but there’s been a big increase in frequency lately. The subject lines usually say something like “Action required: Account restricted – 24-hour deadline” or “Your PayPal account is temporarily deactivated.” These emails state that PayPal has blocked your account due to suspicious activity. You’re called to confirm your identity within 24 hours, otherwise PayPal will permanently deactivate your user account. Note how the fraudsters want to put you under time pressure—just like with the fake Spotify emails—so you feel rushed to act and less likely to think clearly. You’re instructed to confirm your identity with the black button labeled “Confirm account now,” which leads to a fake page that looks like you’re logging into PayPal. Of course, once you enter your login credentials, the fraudsters have it and can use it to access your real PayPal account. (Here’s what you can do if your PayPal account is hacked.) How to keep yourself safe Learn to spot the red flags of a phishing email, like impersonal forms of address, dubious sender email addresses (especially ones that come from generic services like Gmail or Hotmail), time pressure and scare tactics, suspicious links and buttons, and stark consequences if you don’t act. Never click on links or buttons in emails. If you suspect a phishing attempt, mark the email as spam and report it to your email provider. Learn more about why you should never straight-up delete spam emails.