What to Do After a Suspected Fake-Stream Spike
After a suspected fake-stream spike, capture the exact track, UTC dates, Spotify for Artists views, public count, playlists, countries, sources, campaigns, vendors, messages, invoices, and access before anything changes. Pause questionable work where authorized, remove unnecessary permissions, notify your distributor or label, report a suspicious playlist through Spotify, answer notices with supported facts, and monitor without promising reversal.
Lead visual
Release work is a sequence
Plan
date, assets, budget
Deliver
audio, artwork, metadata
Pitch
DSPs, press, creators
Follow
signals after release
Promotion · Safety
Release sequence map
Orient
Put the work in the right order before the public date locks you in.
Check
Upload windows, pitch deadlines, asset readiness, pre-save timing, launch week, and follow-up signals.
Move
A release plan with fewer last-minute fixes and clearer momentum after launch.
Read this as a working sequence for Respond to a fake-stream spike, then use the article below to make the tradeoffs concrete.
Key takeaways
- Snapshot the current state before counts, playlists, campaigns, dashboards, permissions, or messages change.
- Contain only the work and access you can identify while preserving legitimate evidence and business continuity.
- Use neutral classifications until Spotify or the distributor confirms artificial activity for a stated scope.
- Give the distributor, label, or Spotify reporter a track-specific chronology and genuine campaign evidence.
- Track every submission, acknowledgement, charge, action, public change, monitoring check, and unresolved question to closure.
What should happen during the first response cycle?
Stream-spike incident workflow
Ten steps from discovery to closure
- 01
Minute 0
Open a case
Assign an incident owner, timestamp, artist, track, release, observer, first signal, current state, and communication channel.
- 02
Step 2
Capture
Save URIs, UTC range, public count, private views, sources, playlists, countries, listeners, followers, screenshots, and exports.
- 03
Step 3
Preserve
Archive campaigns, links, ads, posts, outreach, vendors, contracts, invoices, payments, reports, messages, access, and notices.
- 04
Step 4
Contain
Pause connected future work or spend where authorized, remove unnecessary permissions, secure accounts, and keep evidence unchanged.
- 05
Step 5
Reconcile
Match the event to prior baselines, release events, source and territory changes, playlists, ads, creators, press, radio, and shows.
- 06
Step 6
Question
Ask vendors neutral written questions about methods, accounts, placements, subcontractors, traffic sources, dates, and supporting records.
- 07
Step 7
Notify
Inform the distributor or label with the track-specific chronology, evidence package, containment actions, questions, and requested next route.
- 08
Step 8
Report
Use Spotify's suspicious-playlist form where supported, preserve the submission, and link its details to the distributor case.
- 09
Step 9
Respond
Authenticate and answer any official notice by its deadline with supported facts, genuine promotion evidence, unknowns, and receipt request.
- 10
Step 10
Close
Record outcome, count and royalty state, charges, content and account state, access removal, contract decision, monitoring, advice, and lessons.
What should the incident record contain?
CASE: STR-2026-014 ASSET: Artist / Track / ISRC / Spotify URI OBSERVED: 2026-07-10 16:20 UTC WINDOW: 2026-07-07 to 2026-07-10 UTC FACT: Streams rose; listeners, source, playlist, and country exports attached CAMPAIGNS: Meta account export and creator post log attached UNKNOWN: Cause and platform classification CONTAINMENT: Vendor campaign paused; editor access removed; records preserved REPORTS: Distributor ticket DK-0000; Spotify playlist report receipt attached NEXT REVIEW: 2026-07-12 16:20 UTC / owner initials
- “FACT”
- States the observation without calling it confirmed fraud.
- “UNKNOWN”
- Keeps proprietary platform classification and missing causation visible.
- “CONTAINMENT”
- Records reversible control actions without destroying the evidence.
- “NEXT REVIEW”
- Prevents the case from disappearing after the first report.
Who owns each response decision?
| Primary responsibility | Boundary | |
|---|---|---|
| Artist or manager | Open case, preserve dashboard and campaign evidence, control accounts and spend, coordinate team, approve communications, and monitor | Does not make Spotify's final classification |
| Promotion provider | Disclose methods, accounts, traffic, playlists, subcontractors, delivery, communications, reports, and incident cooperation | A statement of legitimacy does not replace source records |
| Distributor or label | Authenticate notices, receive evidence, explain current policy and response path, coordinate platform review, and document account action | Cannot promise Spotify's result or timetable unless authorized |
| Spotify | Investigate reported playlists, classify platform activity, correct platform metrics, apply platform policy, and communicate through official routes | Private detection methods are not reproducible from artist analytics |
| Counsel or adviser | Advise on contract, evidence, payment, privacy, accusation, response, liability, termination, and material dispute risk | Operational advice must be tailored to the jurisdiction and facts |
| Finance | Reconcile vendor payment, media spend, distributor charge, withheld revenue, tax, currency, refund, reserve, and final statement | A preliminary dashboard is not a final royalty statement |
Do not promise a clean outcome
Stopping a vendor, reporting a playlist, or proving legitimate ad work cannot guarantee removed traffic, waived charges, restored royalties, reinstated content, account protection, or a fixed review time. Promise only the response work you control.
keep every asset, identifier, notice, and action attached to one case
Which official routes support the incident response?
Frequently asked questions
What should I do first after a fake-stream spike?+
Preserve the current state. Save the track and release URIs, exact UTC window, public count, Spotify for Artists release, song, audience, source, playlist and country views, follower movement, screenshots, and exports. Add every campaign, vendor, playlist, link, post, ad account, payment, message, and notice that overlaps the period. Do not confront anyone or alter records before the snapshot is complete.
Should I stop all music promotion after suspicious streams?+
Stop the questionable campaign, placement, spend, or access you can identify and control, subject to the contract and professional advice. Do not automatically destroy legitimate campaigns that have account-level evidence and no connection to the event. Freeze changes long enough to preserve data, separate each provider and traffic source, document the containment decision, and continue only the work whose method and evidence remain acceptable.
How do I report a suspicious Spotify playlist?+
Use Spotify for Artists to identify the playlist where visible, preserve its URI or URL, owner, track, dates, screenshots, and listener contribution, then submit Spotify's official suspicious-playlist reporter. Include only supported facts. Also inform your distributor or label when traffic, a notice, or a vendor may affect the release. Reporting starts an investigation and does not promise removal, count correction, or protection from later action.
What should I send my distributor after a stream spike?+
Send the artist, track, ISRC, release, platform URI, exact dates, first-observed time, source and country changes, playlist details, public and private data, genuine promotion methods, ad exports, tagged links, creators, press, radio, shows, vendor identity, contract, invoice, reports, messages, containment steps, and any Spotify report. Ask for a case number, required format, deadline, and review path.
Should I publicly accuse the promoter or playlist?+
No. A spike, playlist appearance, or external score does not establish who caused artificial streaming. Public accusations can create legal, safety, and evidentiary risk. Preserve records, ask neutral written questions if appropriate, obtain legal advice for a material dispute, and report through the platform and distributor. Keep public communication factual, narrow, and approved by the responsible team member or counsel.

Get better release strategy in your inbox
Release planning checklists, royalty explainers, and artist strategy notes from Velveteen. No daily noise.
Was this useful? Send a signal or flag a correction.
Keep reading
Pillar guide
Safe music promotion and streaming fraud
An eight-gate promotion safety chain joining provider diligence, written scope, artist-controlled accounts, traffic baselines, anomaly diagnosis, containment, official reporting, and measured follow-up.
Related guide
Fake playlist warning signs
A ten-signal playlist diagnostic separating expected, unexplained, suspicious, and platform-confirmed activity while preserving Spotify, campaign, vendor, playlist, and notice evidence.
Related guide
Artificial-streaming penalties
A twelve-field notice specification separating Spotify actions, distributor policy, provider pass-throughs, affected assets, periods, evidence, response routes, charges, and final outcomes.
Switch distributors without losing streams
Get a sequenced migration checklist that preserves your ISRCs, royalty records, and release availability so nothing breaks when you move your catalog.