People using the free version of the Spotify music service have recently been the targets of malicious advertising. Some users have complained that even when performing no action at all, ads on the site were launching their default web browsers. It is not known at this time what actions the ads do once the new popup is open, but that may just be because no one has figured it out yet.
Malicious ads can do a lot of damage. They can launch attacks, such as hijack users’ traffic, install key loggers, or simply inject malware onto the computer; no one has to click or open anything for these things to happen. That is why making sure your devices are updated with the latest operating system versions and patches is so important. If these attacks are taking advantage of a known issue, having the patches applied will prevent them from hitting you.
In addition, install anti-malware products on all devices that connect to the Internet – including all mobile devices. Mobile malware infections are on the rise and, because of the increase in use of these to do financial transactions and access accounts that store sensitive information, they are not expected to decline soon.
Spotify has taken action and is blocking the suspect ads. If you use the free service and notice a black bar on the web page, that is possibly one such ad. However, because of the ease of getting malware into those ads, Spotify likely has not found them all. So update your computers and devices and make sure your anti-malware products are all updated and running.