Spotify voting scam exposed

It started with a elemental favor. A person asked for assistance voting truthful helium could co-host a large podcast lawsuit with Spotify and Google. The archetypal connection looked casual. It felt personal. It adjacent had urgency.

"Hey, I request a speedy favor," the connection read. "I'm successful the moving to co-host a large podcast lawsuit with Spotify & Google. It'd mean a batch if you could driblet a ballot for me. Appreciate you!"

I astir clicked. Then I noticed the link. That 1 item apt saved aggregate accounts. Then came a follow-up substance that turned up the pressure: "Please ballot for me, I would truly admit it arsenic the voting volition beryllium ending today."

A last connection read, "Thanks, delight nonstop maine a screenshot aft you voted."

That is erstwhile it stopped feeling similar a favour and began to consciousness similar a setup. Let's interruption down what is truly going connected here.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter.

The scam unfolds successful stages, starting with a affable petition and escalating to unit and a request for a screenshot to corroborate you took the bait. (Kurt "CyberGuy" Knutsson)

What this Spotify voting substance scam looks like

The connection claims idiosyncratic needs your ballot to co-host a podcast lawsuit with Spotify and Google. It includes a nexus that looks authoritative astatine archetypal glance. But look closely.

The URL reads: spotifyprime-hub.ct.ws

That is not spotify.com. Major companies bash not tally events connected random domains similar ct.ws. Scammers registry inexpensive lookalike domains due to the fact that they are casual to make and hard to announcement successful a speedy scroll. That tiny item is the archetypal reddish flag.

What the fake voting leafage looks like

The tract looks clean. It feels polished and official. It adjacent claims to beryllium powered by Google. Then it gives you 3 options:

• Continue with Instagram
• Continue with Email
• Continue with X

That is erstwhile you request to stop. This is not astir voting. It is astir collecting your login credentials.

ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER

The fake voting leafage looks convincing, but the login buttons uncover it is designed to bargain your societal media credentials. (Kurt "CyberGuy" Knutsson)

What gives this scam away?

If you dilatory down and look closely, respective wide reddish flags leap retired close away.

1. The web address

The domain is wrong. It is not spotify.com oregon google.com. Instead, it uses a random third-party address. That unsocial should halt you successful your tracks.

2. The urgency

"Voting ends today." "It would mean a lot." Scammers trust connected emotion and pressure. When you consciousness rushed, you halt analyzing. That is the goal.

3. The login buttons

A existent voting leafage would not necessitate your Instagram, email oregon X login. The infinitesimal a tract asks you to motion successful with unrelated platforms, you should presume credential harvesting, which is erstwhile scammers instrumentality you into entering your username and password truthful they tin bargain your account.

What really happened to idiosyncratic who fell for it?

Here is what 1 unfortunate shared aft clicking:

"So I got that Twitter DM from a person past week. I signed successful to ballot for him. It didn't work. Then, a time later, they hacked my relationship and locked maine retired earlier I could alteration my password. I americium inactive locked out, and it is seemingly doing it to different people. Another person got it from maine and besides got hacked and is locked out. They are trying to extort him to get entree back. And contiguous they tried to get into my slope accounts. It has been miserable."

This is however accelerated it spreads. One login becomes 10. Ten becomes hundreds. It turns into a concatenation reaction.

What the scammers bash aft you log in?

The process is elemental and brutal. First, you participate your username and password. Next, the scammer logs into your relationship wrong minutes. Then they alteration your password and betterment email. After that, they nonstop the aforesaid "vote for me" connection to everyone successful your contacts.

If you reuse passwords, they whitethorn effort those credentials connected email, banking oregon buying sites. This is simply a classical relationship takeover phishing scam.

Why bash scammers inquire for a screenshot?

This portion is clever. After you "vote," they inquire for impervious successful the signifier of a screenshot. Here is why. First, it confirms you completed the login. Second, screenshots tin exposure usernames, email addresses oregon different disposable details. Third, it keeps you engaged truthful you bash not instantly recognize thing went wrong. However, the harm usually happens the infinitesimal you participate your credentials.

"We're alert of phishing messages falsely claiming to beryllium associated with Spotify and different brands," a Spotify spokesperson told CyberGuy. "These messages are not from Spotify, are not connected to immoderate authoritative Spotify lawsuit oregon activity, and are not occurring connected the Spotify platform. We promote radical to stay vigilant and debar clicking connected suspicious links."

Meanwhile, a Google spokesperson pointed america to the company's online usher for spotting and avoiding scams.

MICROSOFT 'IMPORTANT MAIL' EMAIL IS A SCAM: HOW TO SPOT IT

The Spotify logo is displayed connected a surface connected the level of the New York Stock Exchange successful New York connected May 3, 2018. (REUTERS/Brendan McDermid/File Photo)

How to support yourself from the Spotify voting scam

Now let's speech prevention.

1. Always cheque the afloat URL

Look beyond the marque sanction successful the message. If the domain is not the authoritative institution domain, bash not click.

2. Slow down erstwhile you consciousness urgency

Scammers manufacture pressure. Real friends tin wait.

3. Turn connected two-factor authentication (2FA) 

Use app-based two-factor authentication (2FA) whenever possible. It adds a captious barrier.

4. Use beardown antivirus bundle connected your devices

Strong antivirus bundle tin artifact known phishing sites, pass you astir suspicious links and assistance forestall malicious downloads earlier harm is done. Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android & iOS devices astatine Cyberguy.com.

5. Never reuse passwords

Use a password manager to make unsocial passwords for each account. Check retired the champion expert-reviewed password managers of 2026 astatine Cyberguy.com.

6. Verify with the idiosyncratic directly

If a person sends thing unusual, telephone oregon substance them separately and inquire if they meant to nonstop it.

7. Check login enactment regularly

Most societal platforms fto you reappraisal progressive sessions. If you spot a login from an unfamiliar determination oregon device, log retired of each sessions immediately.

What to bash if you already clicked

• If you did not click, delete the connection and pass your friend.
• If you did click and participate credentials, enactment fast.
• Change the password immediately.
• Enable two-factor authentication.
• Review login activity.
• Change immoderate different accounts that usage the aforesaid password.

Time matters here, truthful don't enactment this off.

Kurt's cardinal takeaways

There is nary Spotify and Google podcast voting lawsuit moving connected a random ct.ws domain. The full cognition exists to bargain societal media credentials, hijack accounts and dispersed further. It looks polished. It feels personal. That is what makes it effective. The adjacent clip idiosyncratic asks you for a speedy vote, intermission and inspect the link. That tiny infinitesimal of skepticism tin forestall days of damage.

If a connection came from idiosyncratic you trust, would you inactive halt to inspect the nexus earlier clicking? Let america cognize by penning to america astatine Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter. 

Copyright 2026 CyberGuy.com. All rights reserved.

Related Article