A phishing campaign with a clever Spotify lure has been spotted trying to harvest user credentials for the popular streaming service. Researchers at AppRiver detected the offensive earlier this month, in a campaign looking to compromise Spotify customers using bogus but convincing emails with the purpose of hijacking the owner s account. The credentials could be useful if the victim has reused them on other, higher-value sites, like online banking. Password-cracking software such as John the Ripper and Cain and Abel are popular utilities for these attacks.
Source: https://threatpost.com/spotify-phishers-hijack-music-fans-accounts/139329/