Advice Request Spotify - "detected suspicious activity"

Please provide comments and solutions that are helpful to the author of this topic.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I received an legitimate Spotify email asking me to create a new password to log back in.

Double checked as Spotify app was logged out this morning.
Hi

To protect your Spotify account, we've reset your password due to detected suspicious activity.

You need to create a new password to log back in.

I have a strong suspicion that it was triggered by logging in to Spotify Web player (browser) over an active VPN connection. Would this have triggered the suspicious account behaviour?

If so, this gives allow several hours, say for example, the account to be stolen. The time between logging in over VPN and the "Please update your password" email. True or False information?
 
Last edited:

Nevi

Level 11
Verified
Top Poster
Well-known
Apr 7, 2016
500
I received an legitimate Spotify email asking me to create a new password to log back in.

Double checked as Spotify app was logged out this morning.


I have a strong suspicion that it was triggered by logging in to Spotify Web player (browser) over an active VPN connection. Would this have triggered the suspicious account behaviour?

If so, this gives allow several hours, say for example, the account to be stolen. The time between logging in over VPN and the "Please update your password" email. True or False information?
Look away from the email, and reset your Spotify log in. That's probably the best. Dont click on the mail.
 

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
954
Would this have triggered the suspicious account behaviour?
Three months ago when Spotify was still unavailable here, I was using UK VPN server every 14 days to sign in. Never received such mail. Unless, they changed the way they deal with VPNs which is highly unlikely.

Sign in to accounts.spotify.com and log out from all of the devices. And don't forget to change your password, just in case...
 

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Dont click on the mail.
It was from Spotify, I get zero junk mail from that email account. Can't log in without following the password reset link via email.

Three months ago when Spotify was still unavailable here, I was using UK VPN server every 14 days to sign in.
If you are using Spotify via a supported country, from an unsupported location. Then it wouldn't be suspicious, unless you switched to another country?
 

Freki123

Level 15
Verified
Top Poster
Aug 10, 2013
737
Every day I use spotify I get like the next day a "new login notification". My guess is it could be something like my sandboxed browser or fingerprinting protection or so on. My IP is rather static and I didn't use a VPN. So yes I think it's possible they don't like VPN then either :D
 

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
954
It was from Spotify, I get zero junk mail from that email account. Can't log in without following the password reset link via email.


If you are using Spotify via a supported country, from an unsupported location. Then it wouldn't be suspicious, unless you switched to another country?
I did switch countries at some point and I've never received such mail. Could be because I used the same device.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
I've used Spotify with a VPN for some years both on the Windows program, phone & also SONOS app both on Windows & on IOS using a VPN & not without any problems so far - Family account

Edit: sometimes from a remote location NZ USA Canada & Pacific?
 

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
I received an legitimate Spotify email asking me to create a new password to log back in.

Double checked as Spotify app was logged out this morning.


I have a strong suspicion that it was triggered by logging in to Spotify Web player (browser) over an active VPN connection. Would this have triggered the suspicious account behaviour?

If so, this gives allow several hours, say for example, the account to be stolen. The time between logging in over VPN and the "Please update your password" email. True or False information?
Had that issue once when i had spotify running, then used GeoVPN to test something for work cant remember what country i selected. After I was done with the vpn, I didnt close Spotify and continued to use until a couple of hours later. next day i couldnt login and got an email from spotify. I have reset my password but then just in case i logged out from every device.

Since then if I use VPN and Spotify, I ensure to close Spotify then load VPN and then Spotify.
 

R2D2

Level 6
Verified
Well-known
Aug 7, 2017
267
I have received a few of these emails and so have people on my Spotify Family plan. Don't worry it's pretty normal nowadays, I am not sure what triggers the email, possibly the use of VPNs etc, but the link in the email is genuine. If Spotify's site was being spoofed I am sure the learned members of MalwareTips , which is a security enthusiasts site, would not type in in their credentials. :)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top