Multiple Spotify users have been complaining that their official listening history on Spotify appears to have been infiltrated by acts that they don’t simply recognize.
The trend was spotted by the BBC, which reported on Friday (January 25) that plays of ‘mystery’ tracks from artists such as Bergenulo Five, Bratte Night, DJ Bruej and Doublin Night were being credited within individual Spotify user accounts – despite these same users knowing nothing about this music.
“Apart from being musically unremarkable, they generally have a few things in common: short songs with few or no lyrics, illustrated with generic cover art, and short, non-descriptive song titles,” said the Beeb of these acts – some of whom had managed to rack up tens of thousands of plays.
Albums from these artists contained more than 40 songs apiece, with each track just a minute or two in duration.
After the BBC alerted Spotify to the trend, all of these artists disappeared from its platform entirely.
The BBC offers one possible explanation for how the fake streams of these ‘fake artists’ came to be.
Up to 50m Facebook accounts were left exposed due to a cyber-security lapse in September last year, it notes, which potentially enabled a third-party to get hold of ‘access tokens’ linked to Spotify user profiles. The logic here makes sense, because the fake plays reported by the BBC took place from October 2018 onwards.
Yet it can’t be true. Not only because Facebook and Spotify deny that any security breach of these ‘access tokens’ took place. But because MBW has evidence that very similar fake artists were actually being attributed very similar fake streams on Spotify as early as March last year.
That’s when we were first sent the following images from an eagle-eyed music industry insider, who had spotted that on their ‘Recently Played’ Spotify page, a number of artists they’d never heard of (or, indeed, heard) were listed.
These artists included Mientacz, Sofiacz, Smok, Gumbay, Trikoo and Artur Karbowniak.
Interesting: all of these artists are now nowhere to be found on Spotify.
(Our source added the red question marks to indicate artists they didn’t recognise; MBW has removed any genuine tracks/albums/playlists from these images.)
We have found, however, that music from two of the artists listed above – Twees and Yugimo – is still available on Spotify right now.
On their artist profiles, in the the area where Spotify usually details who owns the rights to such music, each contains just the artist name and the year (see below) – a hallmark of the ‘fake artists’ initially exposed by MBW in 2017, denoting their entirely independent status.
“I’ve had some really weird activity on my account recently that wouldn’t surprise me if it’s linked to some kind of scam,” said our industry friend when they sent the above over to us last year, adding: “[Some of my] ‘recently played’ list is music I have definitely not played – and the artists/albums look shady to me.”
They told us that they’d been in touch with the SpotifyCares customer service team over the matter, who’d told them: “We’ve checked your account and don’t see anything unusual.”
Thanks to the BBC report, we now know that comment from SpotifyCares was exactly right; this wasn’t unusual, because it happened to numerous other people in 2018, too.
What we don’t know is who has managed to attribute fake plays to fake artists on individual Spotify user accounts.
It won’t shock you to hear that, according to senior execs MBW has spoken to this weekend, some figures at major labels are already wondering aloud if Spotify itself is responsible.
“It’s a first-party Spotify ploy to dilute total streams, just like ‘fake artists’ – I can smell it,” one of these record company execs told us yesterday.
That comment is, of course, is best chewed-over with additional context: those same labels remain firmly un-delighted by the fact that pseudonymous (ie. ‘fake’) artists, created by musicians signed to Epidemic Sound, are continually getting placed on key first-party Spotify playlists (Music For Concentration, Ambient Chill, Deep Focus etc.), and racking up millions of streams as a result.
“These artists were removed because we detected abnormal streaming activity in relation to their content.”
Earlier today (January 27), MBW asked Spotify what it thought about suggestions the company might have fiddled with its own user account play-counts.
A spokesperson for the firm didn’t offer a direct answer to that question, but did comment: “We take the artificial manipulation of streaming activity on our service extremely seriously. Spotify has multiple detection measures in place monitoring consumption on the service to detect, investigate and deal with such activity.
“We are continuing to invest heavily in refining those processes and improving methods of detection and removal, and reducing the impact of this unacceptable activity on legitimate creators, rights holders and our users.”
In relation to the removal of these artists, they added: “These artists were removed because we detected abnormal streaming activity in relation to their content.”
Adding to the intrigue: MBW understands that all of the music from these ‘mystery’ artists was uploaded to Spotify via a third-party distribution service.
Yet if Spotify’s not in control of these shady antics… who else could be pulling the strings?
Is it really plausible that a third-party would be able to gain access to individual user accounts on the platform? And if so, isn’t that a major-scale security breach?
Our mind is naturally sent back to this time last year, when MBW discovered the now-infamous ‘Bulgarian scam’ – which involved a party uploading music to Spotify, before purchasing thousands of paid Premium accounts, and rinsing plays of their music till they saw a return.
MBW estimates that return ended up at over $1 million before Spotify pulled their tracks from its platform.Music Business Worldwide