Spam trends of the week: Financial phishing, Spotify and travel scams are making their way into email inboxes worldwide

This week, Bitdefender Antispam Lab is warning of the latest email-based scams that threaten people’s privacy and wallets.

The spam trends of mid-June include financial phishing, travel-themed giveaway scams and attempts to hijack Spotify accounts.

Let’s take a closer look at some samples for more insight into how these phishing campaigns work and how you can protect against them:

PostBank, Citadele Banka, SpareBank and International Card Services phishing

Our researchers spotted multiple attempts at hijacking financial accounts belonging to PostBank, Citadele Banka and SpareBank customers. Most of the phishing campaigns were short-lived, accessible only by recipients using an IP address from the targeted country. Researchers used a VPN to bypass geo-blocking restrictions and visualize the fraudulent platforms.

The phony correspondence either told the recipients their financial accounts were blocked due to pending verification processes, warned of potentially unauthorized access from an unknown device, or alerted them to some financial transfers.

You can find a digital translation of the message below:

“Your verification process is pending. Please note that due to the change in the law on June 14th, 2023, all customers must reactivate the PSD2 status. - You cannot receive or send funds in your contract area until you have verified your phone number for your device.”

Recipients from Latvia were targeted with a phishing email impersonating Citadele Banka.  Some samples also included PDF attachments containing details about ‘transactions’.

“We inform you that the transfer to your account was rejected because a possible error was found on your profile computer, please click and follow the instructions to update your personal data,” the above instructions read. “Until the process of updating your profile is completed, your account will be credited immediately. Sorry for the inconvenience.”

SpareBank customers were notified about an attempt to log in to their accounts from an unknown device in Norway. As a result, accounts were disabled and recipients needed to complete a verification process to restore access.

Dutch users were bombarded with fraudulent correspondence purporting to be from International Card Services. Once again, recipients were urged to complete a form that would allow them to continue using their accounts and online cards.

Bank phishing emails can trick individuals into sharing personal, financial or security-related information. While they may look like correspondence you receive from your bank or the financial institution (as scammers replicate logos, layouts or tone of similar emails), they always use language that transmits a sense of urgency and asks for you to log in to prevent further blocking of your funds or account. If you receive similar correspondence, don’t click on any links or attachments.

Examine the email closely, and compare the sender's email address to previous correspondence you may have received from your bank. You should also double-check on your bank’s official website (never access the links in the message) or give them a call, and always report fraudulent correspondence to your email provider and financial institution.

Travel-themed giveaway scams

People from the UK and US were targeted with phony prizes allegedly sent from Ryanair and American Airlines. The scammers invite recipients to participate in an online survey and are notified that they’ve won a holiday voucher worth either $500 or £500.

If the recipient decides to take up the offer and answer a couple of questions, he will be asked to pay a modest shipping fee of $1.95 to receive the gift card.

Email-based travel scams are likely to intensify during the summer months as millions of consumers are planning a long-awaited vacation. Whether you’re planning on traveling abroad or staying local, watch out for unsolicited messages that promise you big prizes, discounts and airline miles for completing any type of survey. Be especially wary of any request to log in to your frequent flyer accounts or any other pieces of information.

Phishing for Spotify accounts

Cyber crooks were also after the login credentials of Spotify users this week, telling them their password has been reset due to suspicious activity.

It’s important to note the streaming giant said on its official website that it will never ask for personal information over email, and that it only notifies users about account activity such as new logins or new family members using the service.

In this case, while the message does alert people about their account activity, it also requests information from the recipients. As rule of thumb, users who receive this or similar correspondence should immediately delete the message, and if you are still worried about potential compromise, head to your Spotify account using the app or browser and reset the password. Do not click on any links or attachments in the unsolicited email.

Need help prioritizing your digital safety?

Opt for a Bitdefender all-in-one security solution to protect all your devices from malicious and fraudulent activity no matter where your online activity takes you.

With Bitdefender's all-in-one plans, you get award-winning antimalware protection and benefit from advanced anti-fraud and anti-phishing filtering systems that warn you whenever you visit a website that may try to scam you. You also get a state-of-the-art Password Manager to help you store your sensitive data passwords, a powerful Premium VPN with unlimited traffic to help you find cheaper flights without advertisers tracking your every move, and Digital Identity Protection or Identity Theft Protection, depending on your location and chosen plan.

Stay Safe!