Update your subscription

From: Spotify-Team <hiroko@geoact.co.jp>Mar 29, 2026, 6:09 PMdd511714...4ded83

completedMalicious95%

Malicious95% confidence

This email is a malicious Spotify-themed phishing lure. It impersonates Spotify, claims a payment failure, and urges the recipient to update billing details via an unrelated domain. The sender address does not match Spotify, authentication is unknown, and the linked infrastructure is inconsistent with legitimate Spotify communications. Browser verification could not resolve the primary URL, but the overall pattern strongly indicates an attempt to steal payment or account credentials.

PhishingCredential HarvestingBrand ImpersonationLink-Based

URLs analyzed3

Malicious URLs0

Suspicious URLs3

Documents0

Artifacts0

QR codes0

URL Signals

3 analyzed

Suspiciousmanage-sub-local-hub.help

https://manage-sub-local-hub.help/wp-includes/blocks/block/16shop/?p=LpOJa

Suspiciousmodial-relay-assistance-6qf79.wstd.io

https://modial-relay-assistance-6qf79.wstd.io/

Suspiciousmodial-relay-assistance-6qf79.wstd.io

https://modial-relay-assistance-6qf79.wstd.io

Documents

0 processed

None.

Authentication

spfUnknown

dkimUnknown

dmarcUnknown

Envelope

From

Spotify-Team <hiroko@geoact.co.jp>

Reply-To

n/a

Attachments