Spotify has almost 700 million active users, with 265 million of them being premium subscribers, and as the world’s leading music flow service is a target for cybercrime trying to exploit its users, ESET cyber security warns.

Among other things, it is noted that violated accounts are often used to artificially increase music flow measurements, a practice known as “flow fraud”. This means that cybercriminals use networks from violated accounts to reproduce repeatedly specific songs, thereby increasing flower measurements and creating increased rights payments. According to Beatdapp, a streaming fraud detection platform, at least 10% of all song flows are false, which costs up to three billion dollars per year in the music industry.

Spotify accounts are valuable digital assets and cybercrime can take advantage of them in a variety of ways, such as selling them on the dark internet or on Telegram -type platforms.

The fact that users lose their access to the service when their account is violated is not the only problem. Along with access they also lose valuable personal data, such as payment information, listening habits, as well as possible connections to social media and other online services. Cybercriminals can utilize this information on identity theft or social engineering attacks.

ESET points out that the first step in security is to understand how Spotify accounts can be violated and lists the key tactics used by cybercrime to obtain users’ credentials (phishing, false applications, malware and data violations).

It also gives advice on how to find out if our account has been violated. The most obvious sign of account breach is the unexpected changes to our Settings or Subscription details, such as unauthorized upgrades or downgrades of our subscription program, changes to the email address or amendments to payment information. In addition, unusual activity in history or breeding lists may be a sign of violation, as is the unexplained deletion of breeding lists or the appearance of new lists we have not added. Equally important are irregularities in operation, which can reveal unauthorized access.

If we observe any of these suspicious signs, we must disconnect from all devices through the account settings page, change the password immediately, re -examine and recall access to any third -party applications that we no longer recognize or use, and finally communicate with the Spotary Customer Support.