8FPH20-00081-01 CSIRT warns of SMiShing campaign targeting users of a music streaming service

Summary

The Computer Security Incident Response Team (CSIRT) has identified a SMiShing campaign that uses a text message to try to deceive users of the Spotify music streaming service.

The message tells the potential victim that their premium subscription has been canceled and offers, as the way to receive the service again, a link included in the message. The link leads to an interface that impersonates the official application of the service and asks for the customer's credentials. The person is then sent to a new page of the site, where their bank credentials are captured.

Observation

Please consider the indicators of compromise as a whole.

Indicators of Compromise

URLs:

http[://]actualiza-spotify[.]cl

http[://]spotify-cl[.]cl

Recommendations

Keep your platforms updated (Office, Windows, Adobe Acrobat, Oracle Java and others)
Evaluate preventively blocking the indicators of compromise
Keep all technology and threat detection platforms updated
Review the security controls of your antispam and sandboxing solutions
Run ongoing awareness activities for users about these types of threats
Verify that the websites you visit are the official ones
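
As an added example (not part of the CSIRT advisory), the following Python sketch restores the defanged indicators above to their real form and checks web proxy log lines against them, matching the exact domains and their subdomains. The log format, paths, timestamps and the subdomain in the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Indicators exactly as published in this advisory (defanged).
DEFANGED_IOCS = [
    "http[://]actualiza-spotify[.]cl",
    "http[://]spotify-cl[.]cl",
]

def refang(indicator: str) -> str:
    """Undo the [://] and [.] defanging used in the advisory."""
    return indicator.replace("[://]", "://").replace("[.]", ".")

def ioc_hosts(indicators):
    """Return the lower-cased hostnames of the refanged indicators."""
    return {urlsplit(refang(i)).hostname.lower() for i in indicators}

def matches_ioc(host: str, blocked: set) -> bool:
    """True if host is a blocked domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == b or host.endswith("." + b) for b in blocked)

def flag_log_lines(lines, blocked):
    """Yield (line, host) for log lines whose requested URL hits an indicator."""
    url_re = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
    for line in lines:
        for url in url_re.findall(line):
            host = urlsplit(url).hostname
            if host and matches_ioc(host, blocked):
                yield line, host
                break

# Constructed sample proxy log lines (not real traffic).
SAMPLE_LOG = [
    "2020-01-01T10:00:01 10.0.0.5 GET http://actualiza-spotify.cl/login 200",
    "2020-01-01T10:00:02 10.0.0.6 GET https://www.spotify.com/cl/ 200",
    "2020-01-01T10:00:03 10.0.0.7 GET http://m.spotify-cl.cl/pago 200",
    "2020-01-01T10:00:04 10.0.0.8 GET http://notspotify-cl.cl/ 200",
]

if __name__ == "__main__":
    blocked = ioc_hosts(DEFANGED_IOCS)
    for line, host in flag_log_lines(SAMPLE_LOG, blocked):
        print(f"IOC hit ({host}): {line}")
```

Matching on the label boundary (exact host or a name ending in "." plus the domain) keeps a look-alike such as the last sample line from being flagged as one of the published indicators.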