The National Information Technology Development Agency (NITDA) has issued a public alert warning Nigerians about a cybersecurity threat involving the use of Spotify to promote malicious activities.
In a public notice issued on Tuesday, the agency disclosed that the cybercriminals were exploiting the popular music streaming platform to advertise game hacks, pirated software, and spam links that could expose users to cyber threats.
Specifically, the notice indicated that cybercriminals were embedding malicious promotions in playlist names and podcast descriptions on Spotify, adding that these promotions are used to advertise game hacks for popular video games such as Fortnite, GTA, Apex, and Roblox.
Similarly, the agency maintained that they were also promoting pirated software (commonly referred to as ‘cracks’), spam links, and other malicious sites, pointing out that the abuse is said to leverage Spotify’s web player results to improve the search engine visibility of these harmful websites, putting unsuspecting users at risk of malware, scams, and other cyber threats.
It, therefore, cautioned that the exploitation of Spotify could lead to exposure to scams and phishing attacks, downloading of malware that can compromise user devices and Loss of personal and financial data through interactions with malicious websites.
To mitigate the risks to Internet users, the agency advised them to be cautious with suspicious playlists and podcasts and avoid engaging with playlists or podcasts that feature unusual or suspicious text in their descriptions; and that they should not to click unknown links, and also ensure the Spotify app is updated to the latest version to minimise their vulnerabilities.
In addition, NITDA advised Spotify users in the country to remain vigilant and adhere to cybersecurity best practices to safeguard their personal data, information and devices.
It clarified that the websites posing as OpenAI’s popular AI, ChatGPT, were tricking users into downloading malicious files or software to their devices.
