Fake Spotify podcast vote phishing targets user login credentials
NEWYou can now listen to Fox News articles!
It all started with a simple favor. A friend asked for help voting so he could co-host a major podcast event with Spotify and Google. The first message seemed casual. It was personal. There was even urgency.
“Hey, I need a quick favor,” the message said. “I’m in the running to co-host a major podcast event with Spotify and Google. It would mean a lot if you could vote for me. Thank you!”
I almost clicked. Then I noticed the connection. This detail probably saved several accounts. Then came a follow-up text that ratcheted up the pressure: “Please vote for me, I would really appreciate it as voting ends today.”
A final message read: “Thanks, send me a screenshot after you vote.”
That’s when it stopped feeling like a favor and started feeling like a set-up. Let’s break down what’s actually going on here.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
The scam unfolds in stages, starting with a friendly request and escalating to pressure and demanding a screenshot to confirm you’ve taken the bait. (Kurt “CyberGuy” Knutsson)
What This Spotify Voting SMS Scam Looks Like
The post claims that someone needs your vote to co-host a podcast event with Spotify and Google. It includes a link that appears official at first glance. But look carefully.
The URL states: spotifyprime-hub.ct.ws
It’s not Spotify.com. Big companies don’t hold events on random domains like ct.ws. Scammers register cheap lookalike domains because they are easy to create and hard to notice at a glance. This little detail is the first red flag.
What the fake voting page looks like
The site looks clean. It looks polished and official. It even claims to be powered by Google. Then it gives you three options:
- Continue with Instagram
- Continue with email
- Continue with
That’s when you have to stop. It’s not about voting. This involves collecting your login credentials.
ROBINHOOD TEXT SCAM WARNING: DO NOT CALL THIS NUMBER
The fake voting page looks convincing, but the login buttons reveal that it is designed to steal your social media credentials. (Kurt “CyberGuy” Knutsson)
What reveals this scam?
If you slow down and look closely, several clear red flags appear immediately.
1. Internet address
The domain is fake. It’s not Spotify.com or google.com. Instead, it uses a random third-party address. That alone should stop you in your tracks.
2. The emergency
“Voting ends today.” “It would mean a lot.” Scammers rely on emotion and pressure. When you feel rushed, you stop analyzing. That’s the goal.
3. Connection buttons
A real voting page would not require your Instagram, email or
What really happened to someone who fell in love?
Here’s what one victim shared after clicking:
“So I got this Twitter DM from a friend last week. I logged in to vote for him. It didn’t work. Then a day later they hacked my account and locked me out before I could change my password. I’m still blocked, and apparently he’s doing it to other people. Another friend got it from me and was also hacked and is blocked. They’re trying to extort access from him. And today they have tried to access my bank accounts. It’s been miserable.
That’s how fast it spreads. One connection becomes 10. Ten becomes hundreds. This turns into a chain reaction.
What do scammers do after you log in?
The process is simple and brutal. First, you enter your username and password. Then the scammer logs into your account within minutes. Then they change your password and recovery email. After that, they send the same “vote for me” message to all your contacts.
If you reuse passwords, they may try those credentials on email, banking, or shopping sites. This is a classic account control phishing scam.
Why do scammers ask for a screenshot?
This part is clever. After “voting”, they ask for proof in the form of a screenshot. Here’s why. First, it confirms that you have completed the connection. Second, screenshots may expose usernames, email addresses, or other visible details. Third, it keeps you engaged so you don’t immediately realize something went wrong. However, the damage usually happens the moment you enter your credentials.
“We are aware of phishing messages falsely claiming to be associated with Spotify and other brands,” a Spotify spokesperson told CyberGuy. “These messages do not originate from Spotify, are not related to any official Spotify events or activities, and do not appear on the Spotify platform. We encourage people to remain vigilant and avoid clicking on suspicious links.”
Meanwhile, a Google spokesperson pointed us to the company’s online guide to spotting and avoiding scams.
MICROSOFT ‘IMPORTANT MAIL’ EMAIL IS A SCAM: HOW TO SPOT IT
The Spotify logo is displayed on a screen at the New York Stock Exchange in New York on May 3, 2018. (Reuters/Brendan McDermid/file photo)
How to protect yourself from the Spotify voting scam
Now let’s talk about prevention.
1. Always check the full URL
Look beyond the brand name in the message. If the domain is not the official company domain, do not click.
2. Slow down when you feel an emergency
Scammers create pressure. True friends can wait.
3. Enable two-factor authentication (2FA)
Use app-based two-factor authentication (2FA) wherever possible. This adds a critical barrier.
4. Use powerful antivirus software on your devices
Powerful antivirus software can block known phishing sites, warn you of suspicious links, and prevent malicious downloads before damage is done. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android, and iOS devices at Cyberguy.com.
5. Never reuse passwords
Use a password manager to generate unique passwords for each account. Discover the Best Expert-Rated Password Managers of 2026 at Cyberguy.com.
6. Check directly with the person
If a friend sends something unusual, call or text them separately and ask if they intended to send it.
7. Check Login Activity Regularly
Most social platforms allow you to view active sessions. If you see a connection from an unknown location or device, log out of all sessions immediately.
What to do if you’ve already clicked
- If you didn’t click, delete the message and tell your friend.
- If you’ve clicked and entered your credentials, act quickly.
- Change the password immediately.
- Enable two-factor authentication.
- Review login activity.
- Change any other accounts that use the same password.
Time is of the essence here, so don’t put this off.
Kurt’s Key Takeaways
There is no voting event for Spotify and Google podcasts on a random ct.ws domain. The entire operation exists to steal social media credentials, hijack accounts, and spread further. He looks polite. It seems personal. This is what makes it effective. The next time someone asks you to vote quickly, pause and inspect the link. This small moment of skepticism can prevent days of damage.
If a message came from someone you trusted, would you still stop to inspect the link before clicking? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.
Copyright 2026 CyberGuy.com. All rights reserved.
Related article
