Spotify has become the most impersonated brand in Europe within phishing and online fraud campaigns, according to the latest Kaspersky report on financial cyber threats.
As the study reflects, cybercriminals are shifting their focus towards well-known and everyday digital brands, because they generate more trust and increase the probability that the user will fall for deception. In fact, the data ensure that cybercriminals are leaving behind their historical focus on traditional retail commerce and banking entities to target a much more lucrative ecosystem such as digital services.
The report’s regional analysis shows that phishing strategies are highly geolocated, adapting to local market penetration and consumer habits. In the European context, Spotify leads the way as the brand most impersonated by attackers. Along with the audio streaming giant, Apple and other platforms in the digital environment concentrate the highest volume of fraudulent campaigns in the region.
Spotify and subscription services
From Kaspersky they explain that this predilection for subscription services in Europe responds to security fatigue on the part of the end user. As these are brands integrated into the daily routine and associated with automated payments, user alert rates decrease, making it easier to collect corporate and personal credentials. Polina Tretyak, an analyst at Kaspersky Digital Footprint Intelligence, states that “the more familiar a platform is, the easier it is for the victim to let their guard down and hand over credentials or banking details.”
Outside of the regional breakdown, Netflix was the most impersonated brand in scams linked to online purchases, with a 28.42% presence, while Mastercard led phishing related to payment systems with 33.45%. Behind Mastercard are Visa, with 20.06%, PayPal, with 14.10%, and PayPay, with 11.72%, which confirms the interest of attackers in widely used financial platforms.
The report, Financial cyberthreats in 2025 and the outlook for 2026also highlights that the distribution of impersonated brands varies by region: Spotify leads in Europe, Netflix dominates in the Middle East and Apple leads APAC. Likewise, the report points out that in the B2B context it is essential to mitigate the human factor and reinforce Zero-Trust policies. Kaspersky experts remind that effective protection not only depends on technological solutions capable of blocking phishing in real time, but also on the strict implementation of multi-factor authentication (MFA) policies, the use of corporate password managers and a rigorous audit of payment links and external accesses.
