Normal view

There are new articles available, click to refresh the page.
Yesterday — 3 December 2024Main stream

Spotify playlists are being hijacked to promote pirated software and scams

28 November 2024 at 10:00

Many of us use Spotify every day, whether to listen to songs, podcasts or audiobooks. Some of us create playlists of our favorite songs, while others save playlists made by others. 

In case you didn’t know, Spotify allows you to create public playlists that anyone can save and listen to. You’d think this is a harmless feature, but spammers have found a way to misuse it. 

They’re using Spotify playlists and podcasts to push pirated software, game cheat codes, spam links and malware sites. I’ll discuss the details of this emerging online scam and share tips on how to stay safe.

5 DAYS LEFT! I’M GIVING AWAY A $500 GIFT CARD FOR THE HOLIDAYS (ends 12/2/24 12 pm PT)

As reported by BleepingComputer, this scam works by misusing Spotify’s popularity and trustworthiness. Scammers exploit Spotify playlists by injecting targeted keywords, such as "free download," "crack" or "warez," into titles and descriptions. 

These keywords are designed to align with popular search terms. Since Spotify’s web player pages are indexed by search engines like Google, these spammy results appear in user searches, driving traffic to their links. For example, a Spotify playlist titled "Sony Vegas Pro 13 Crack…" was found promoting "free" software sites in its title and description, directing users to questionable external links.

The scam isn’t limited to playlists. It extends to podcasts as well. Scammers create podcasts with multiple short episodes, typically under 20 seconds, using synthesized speech to direct listeners to click links in the description for free content. These podcasts often target users searching for pirated ebooks, audiobooks or game cheats. While the content may appear legitimate at first glance, clicking on the links often results in being redirected to unsafe pages that further exploit users.

4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH

The main goal of this scam is to use Spotify’s trusted reputation and search engine visibility to get people to click on shady links and visit sketchy websites. Scammers make money through fake ad clicks, bogus surveys and affiliate links, while also spreading malware by tricking users into downloading harmful software or extensions. 

They also try to steal personal info through fake sign-up forms or phishing pages, which can lead to identity theft or be sold to others. By using Spotify’s indexed pages, they boost the search rankings of their spam sites, reaching more people. Some of these sites even run extra scams like fake crypto giveaways or phishing attempts to grab even more money or data from unsuspecting users.

CLICK HERE TO SIGN UP FOR THE ENTERTAINMENT NEWSLETTER

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

1. Avoid clicking on suspicious links: Be cautious when you come across playlists or podcasts with titles like "Sony Vegas Pro 13 Crack" or other promises of free software, audiobooks or game cheats. These often include links in the description that redirect to unsafe sites hosting malware, adware or phishing pages.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2. Stick to official sources: Always download software, eBooks or other digital content from trusted official websites or reputable platforms. If you see a Spotify playlist or podcast offering "free" versions of paid content, it’s likely a scam. Cross-check the legitimacy of the content through known channels instead of relying on unverified links.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

3. Use strong, unique passwords: Create complex and unique passwords for your Spotify account and avoid using personal information like birthdays or pet names. Consider using a password manager to generate and store complex passwords.

4. Be skeptical of synthesized speech and short episodes: Many scam podcasts feature short episodes (10-20 seconds) with synthesized speech directing you to click on a link in the description. These are a common tactic used to trick users into visiting unsafe pages. If the content feels automated, vague or overly promotional, it’s best to avoid it.

5. Verify curator credentials: Check the credentials of playlist curators. Legitimate curators usually have a verifiable online presence. If you can't find any information about them, it's best to avoid engaging with them.

6. Recognize phishing attempts: Be cautious of emails claiming to be from Spotify that ask you to confirm account details or click on suspicious links. These are often phishing attempts designed to steal your credentials.

7. Report and block suspicious content: If you come across playlists or podcasts that seem fraudulent or inappropriate, report them directly to Spotify. Use Spotify’s reporting tools to flag content that violates its platform rules. Blocking suspicious accounts or playlists also ensures you won’t accidentally interact with them in the future, and reporting helps Spotify improve its filtering and moderation systems.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

Scammers will use any means possible to trick you. In the past, we’ve seen bad actors weaponize Google search results with malicious websites that install malware when links are clicked on. There have also been plenty of SEO scams targeting users. Companies like Spotify need to implement measures to prevent their platforms from being misused by scammers. Google also has a responsibility to ensure the quality of its search results. Just because a webpage comes from a well-known organization doesn’t mean it deserves to rank highly on the search results pages.

Do you think platforms like Spotify and Google are doing enough to prevent scams, or could they improve? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Try CyberGuy's new games (crosswords, word searches, trivia and more!)

Enter CyberGuy's $500 Holiday Gift Card Sweepstakes

KURT’S HOLIDAY GIFT GUIDES 

Deals: Unbeatable Best Black Friday deals | Laptops | Desktops | Printers 

Best gifts for Men | Women | Kids | Teens | Pet lovers 

Copyright 2024 CyberGuy.com. All rights reserved.

Goo Goo Dolls singer hospitalized with pneumonia; band cancels concerts in South Africa

3 December 2024 at 15:27

Goo Goo Dolls lead singer John Rzeznik was hospitalized with pneumonia and canceled a series of concerts in South Africa.

Wearing a blue medical gown and black Herschel hat, the "Slide" singer apologized to fans for having to postpone the shows in a video captured from what appeared to be his room in a hospital.

The popular '90s rock band was scheduled to perform in South Africa from Dec. 4-7.

JUSTIN TIMBERLAKE CANCELS ANOTHER CONCERT ON WORLD TOUR AFTER INJURING BACK: ‘Y’ALL KNOW I HATE DOING THIS'

"Hey everybody, it's John from the Goo Goo Dolls," Rzeznik said from his bed in the video posted to social media. "I'm truly sorry that I cannot be there, but I wound up going to a doctor, and I have pneumonia. And they checked me into a hospital. And I'm stuck here for a day or two.

"We're working on getting back down there as fast as we can, and I will keep you informed about that. I'm just really sorry that we couldn't do this. I apologize that this happened. We'll come down there, we'll make it up to you guys.

APP USERS CLICK HERE TO VIEW POST 

"Thanks for being patient."

LIKE WHAT YOU’RE READING? CLICK HERE FOR MORE ENTERTAINMENT NEWS

Following his video message, updated tour dates flashed across the screen for the end of March.

On Instagram, the band posted, "We’re heartbroken to postpone our South Africa shows. This country means so much to us, and we were so excited to create more memories with you. Sadly, my doctor has advised rest and recovery. Thank you for your understanding — we’ll make it worth the wait when we return in March 2025!"

CLICK HERE TO SIGN UP FOR THE ENTERTAINMENT NEWSLETTER

The Goo Goo Dolls found mainstream success with the 1995 release of their breakthrough single, "Name," from their fifth studio album. Three years later, "Iris," written for the Nicolas Cage film "City of Angels," earned the group accolades and spent nearly a dozen weeks on the Billboard Hot 100.

Since releasing their sixth studio album, "Dizzy Up the Girl" in 1998, the band has sold millions of albums worldwide and has continued to tour. 

In April 2025, the Goo Goo Dolls will join Zach Bryan, Luke Combs, Jelly Roll, Ashley McBryde and Lana Del Rey at the Stagecoach Country Music Festival in Indio, Calif.

❌
❌