Image credit: ESET

A wave of scams are hitting websites including misleading advertisements for Spotify Premium.

Internet crawlers have noticed an increase in scams online pretending to be legitimate services and companies like Spotify and Microsoft. Amongst the variety of brands being imitated, Spotify’s music streaming service has been used by scammers to direct unwitting users towards malware.

Spotify seem to have been targeted under a fake bundle deal with YouTube Premium. The fake links offer a free trial of both Spotify Premium and YouTube Premium for 90 days. Users are instructed to a button reading ‘Download Free App’ which will then download onto their computers. The app however is neither service and actually a malware virus.

As direct competitors – since YouTube launched YouTube Music, their own freemium & paid music streaming service – the bundle doesn’t make any sense and would never exist in reality. Likewise the download containing the virus comes in at roughly 1MB in size, whereas the legitimate Spotify app is over 100MB in size.

The download will often put Flicker on the users computer, a malware app capable of taking users’ passwords, taking screenshots of their screen, and stealing documents. The same scam has been spotted using fake versions of the Microsoft Store to mislead users into downloading apps through what might seem like a legitimate app store.

Be wary of false offers and misleading downloads. Ensure that whenever you’re downloading an app it comes from the official website. Spotify app downloads should only come from https://spotify.com.