Update your subscription

From: Spotify-Team <hiroko@geoact.co.jp>Mar 29, 2026, 6:30 PMb7153f84...117baa

completedSuspicious96%

Suspicious96% confidence

This email impersonates Spotify using a payment-failure lure and urges the recipient to update billing details. The sender domain (geoact.co.jp) does not align with Spotify, and the primary link points to a non-Spotify domain with a suspicious path. Browser validation found the destination unresolved, so the content could not be safely verified, but the branding mismatch, payment-update pretext, and off-brand infrastructure strongly indicate a phishing attempt. The additional wstd.io URLs also appear unrelated to Spotify and are suspicious in this context.

PhishingBrand ImpersonationLink-Based

URLs analyzed3

Malicious URLs0

Suspicious URLs3

Documents0

Artifacts0

QR codes0

URL Signals

3 analyzed

Suspiciousmanage-sub-local-hub.help

https://manage-sub-local-hub.help/wp-includes/blocks/block/16shop/?p=LpOJa

Suspiciousmodial-relay-assistance-6qf79.wstd.io

https://modial-relay-assistance-6qf79.wstd.io/

Suspiciousmodial-relay-assistance-6qf79.wstd.io

https://modial-relay-assistance-6qf79.wstd.io

Documents

0 processed

None.

Authentication

spfUnknown

dkimUnknown

dmarcUnknown

Envelope

From

Spotify-Team <hiroko@geoact.co.jp>

Reply-To

n/a

Attachments