The National Information Technology Development Agency (NITDA) has issued a public alert warning Nigerians about a cybersecurity threat involving the use of Spotify to promote malicious activities.
The agency in a public notice issued on Tuesday, revealed that threat actors are exploiting the popular music streaming platform to advertise game hacks, pirated software, and spam links that could expose users to cyber threats.
According to NITDA, cybercriminals embed malicious promotions in playlist names and podcast descriptions on Spotify.
Nature of the threat
NITDE explained that these promotions are used to advertise game hacks for popular video games such as Fortnite, GTA, Apex, and Roblox. Additionally, they promote pirated software (commonly referred to as “cracks”), spam links, and other malicious sites.
This abuse leverages Spotify’s web player results to improve the search engine visibility of these harmful websites, putting unsuspecting users at risk of malware, scams, and other cyber threats.
NITDA warned that the exploitation of Spotify could lead to:
- Exposure to scams and phishing attacks.
- Downloading of malware that can compromise user devices.
- Loss of personal and financial data through interactions with malicious websites.
Preventive measures for Spotify users
To mitigate the risks, NITDA advises users to adopt the following preventive measures:
- Exercise Caution with Suspicious Playlists and Podcasts: Avoid engaging with playlists or podcasts that feature unusual or suspicious text in their descriptions.
- Do Not Click Unknown Links: Refrain from clicking on any links embedded in the descriptions of playlists and podcasts.
- Update the Spotify App: Ensure the Spotify app is updated to the latest version to minimize vulnerabilities.
The Agency further advised Spotify users in Nigeria to remain vigilant and adhere to cybersecurity best practices to safeguard their personal information and devices.
What you should know
As more people go online, cybercriminals have continued to device various means to attack and steal from them through the various platforms the people go to.
- In a recent similar development, NITDA had also warned Nigeria to be wary of a new scam on the internet under the guise of cryptocurrency giveaways.
- According to the agency the scam is being perpetrated mainly on the short video streaming platform, TikTok.
- The scammers’ endgame is to trick their victims into making some crypto payment and also steal from their crypto wallets.
- While noting that the scam is not new, NITDA said the theft, which started on TikTok has been spread to other social media.
- NITDA, which is the federal government agency responsible for ICT development in Nigeria had also recently warned Nigerians to be wary of fake and fraudulent ChatGPT websites being promoted on Facebook.
According to the Agency, the websites posing as OpenAI’s popular AI, ChatGPT are tricking users into downloading malicious files or software to their devices.
