Can You Spot(ify) the Fake?

I'm old enough to remember walking to the neighborhood record shop, buying a record, taking it home, and listening to it. My biggest worry was that the record might have a scratch on it, or might even be warped. Oh, how times have changed.

These days, when I buy music, my credit card information might be compromised, my passwords might be stolen, my identity might be stolen, my webcam might be turned on, and my computer might be locked up until I pay a ransom. Think it won't happen to you? Well, if you've clicked on Spotify recently, it may already be too late.

Spotify, a Swedish corporation, is one of the world's biggest music streaming providers. At last count, it had over 356 million active users in 178 countries. It hosts more than 70 million songs. Its basic service is free with advertisements and some limitations. Or, you can buy a subscription to unlock all the goodies. If you haven't tried Spotify, you should check it out. It really is an excellent service. But be careful.

Spotify's global popularity makes it an obvious target for fraud. Bad people have set up fake Spotify sites (in addition to other fake sites). Cybersecurity firm ESET discovered the insidious campaign. You see what appears to be a legitimate advertisement for Spotify (the image shown here is a screenshot of the fake site alongside the real site). What happens next depends on how the particular attack is being carried out. In one example, when you click on the ad, you are taken to a fake Microsoft Store site and an app is automatically downloaded as a zip file. The zip file might have a sincere-sounding name, but it contains a copy of Ficker, also known as FickerStealer. Ficker is an information-stealing Trojan, and if you unzip the file and launch the executable program, the malware will immediately begin harvesting data from your computer.

A relatively new pox on society, Ficker seems to have surfaced in January on Russian hacker forums when its developer allowed others to rent the malware for anywhere from one week to six months. Saved login credentials, passwords, cryptocurrency wallets, documents and other personal data are all at risk, and the hackers can take screenshots of your computer. Ficker neatly and stealthily compiles all this, zips it, and sends it back to the bad people. Civility precludes me from mentioning what Ficker translates to in German.

So, next time you are in the mood for some streaming music, be aware of bogus web sites mimicking Spotify. For unknown reasons, the attacks, so far, have mainly been directed at users in South America. Of course, the attack can be directed anywhere. And of course, this isn't meant to be a knock on Spotify; it's just another reminder that any site can be spoofed.

As always, think twice before you click, check the URL carefully, change your passwords frequently (I know, I know), make sure your firewalls are up, and periodically run antivirus scans on your system. If you find yourself a victim of Ficker, change your online credentials immediately and run an antivirus scan. And check to make sure your records aren't warped.

PS: The fake site is on the left.

COMMENTS
hk2000

I spotted the fake immediately. But that may be because I'm a longtime Spotify subscriber.
