20.5k unique visitors in the last 3 days

Artificially Inflated Traffic from Bots Makes Spotify Remove Thousands of AI-Generated Songs

Spotify removed about 7% of all songs uploaded from Boomy, a platform that uses automation to create new songs 'in seconds'.

If criminals can make money by inflating network traffic then criminals will make money by inflating network traffic. That is the moral of the story as Spotify, the music streaming platform, struggles to deal with the interaction between machine-generated songs and bots that mimic the behavior of human users by streaming music solely to generate revenue for the music’s owners. As the Financial Times reports:

Spotify, the largest audio streaming business, recently took down about 7 per cent of the tracks that had been uploaded by Boomy, the equivalent of “tens of thousands” of songs, according to a person familiar with the matter.

Recording giant Universal Music had flagged to all the main streaming platforms that it saw suspicious streaming activity on Boomy tracks, according to another person close to the situation.

The Boomy songs were removed because of suspected “artificial streaming” — online bots posing as human listeners to inflate the audience numbers for certain songs.

Boomy is an American business that launched in 2021. It advertises itself as making generative music with artificial intelligence. Users give a description of the kind of music they would like to listen to, then Boomy’s algorithms generate a new song from that description. Boomy says more than 14mn songs have been created using their system. This means somebody with no musical talent can use Boomy to rapidly produce an original song, then upload it to Spotify in the hope of receiving royalty payments each time the song is streamed.

In addition to removing songs made using Boomy, Spotify also interrupted the pipeline of uploads from Boomy. The ability to upload from Boomy to Spotify was restored less than a week later. Nobody has suggested that Boomy is artificially generating traffic. However, Boomy is not shy about encouraging users to make money. The following messages are presented near the top of their home page:

Create original songs in seconds, even if you’ve never made music before

Submit your songs to streaming platforms and get paid when people listen

As the Financial Times points out, it is also easy to find websites which promise to generate thousands of new plays for a song on Spotify in exchange for payment. Streaming platforms need to be wary of bot accounts becoming so numerous that the cost to criminals of using a bot to play a track is lower than the royalties they receive when the track is played. Businesses like Spotify can change the cost dynamic by both removing bot accounts from their platform and by removing the content that is played by the bots.

There are other ways to artificially generate streaming traffic that do not involve bots creating fake accounts. At the end of 2018, many Spotify users questioned the inclusion of bands and songs they had never heard of amongst lists of the songs they most commonly listened to. Spotify refused to give an explanation, but it is believed access to the accounts had been compromised and they were used to play songs without the knowledge of the genuine account holder.

I am seeing a tendency where the same generic problem of artificial traffic inflation keeps being handled as if each instance is new and unique. Whether it involves making a call, sending a text message, watching a video or playing a song, the fraud of using machines to generate traffic that simulates human behavior is always essentially the same. Many businesses are acting as if they have to begin from scratch when determining how to implement know-your-customer (KYC) controls or how to detect anomalous patterns in user behavior. It is understandable that a business which has fallen victim to fraud will not want to air its dirty laundry in public, but anti-fraud professionals need to avoid being so tightly bound to specific fraud scenarios or narrow industry verticals that the experience they gain from mitigating fraud is never reapplied elsewhere.

The ability of machines to simulate humans will get better and cheaper as time goes on. Meanwhile, there are growing demands for subsidies to pay for network infrastructure to cope with increased volumes of traffic. We cannot afford to be complacent about the problem of artificial traffic clogging networks. The problem of artificially inflated traffic will get a lot worse unless both business and society learns how to reduce the wasteful load and punish the criminals responsible.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email