Spotify misused for scams and malware
Scammers are leveraging Spotify’s playlist and podcast features to target unsuspecting users with malware and phishing schemes.
Scammers are misusing Spotify’s playlist and podcast features to promote pirated software, malware, and phishing schemes. By embedding popular search terms like ‘free download’ or ‘crack’ in playlists and podcast titles, these bad actors ensure their spam appears in Google search results. Users who click on these links often land on unsafe sites designed to install malicious software or steal personal data.
The schemes include playlists and short podcast episodes featuring synthetic voice prompts that redirect listeners to risky external sites. These scams exploit Spotify’s trusted reputation and indexed pages to rank high in search results. Scammers profit through ad clicks, fake surveys, and affiliate links while spreading malware or engaging in phishing attempts.
Experts warn users to avoid clicking on suspicious links, verify playlist or podcast creators, and stick to official sources for downloads. Spotify and search engines like Google face calls to strengthen safeguards to prevent misuse of their platforms. In the meantime, users are encouraged to report fraudulent content and use antivirus software to stay protected.