Safe music promotion and streaming fraud

What to Do After a Suspected Fake-Stream Spike

Bradley J Simons
Bradley J Simons
4x Juno-nominated producer · founder of Velveteen
The short answer

After a suspected fake-stream spike, capture the exact track, UTC dates, Spotify for Artists views, public count, playlists, countries, sources, campaigns, vendors, messages, invoices, and access before anything changes. Pause questionable work where authorized, remove unnecessary permissions, notify your distributor or label, report a suspicious playlist through Spotify, answer notices with supported facts, and monitor without promising reversal.

Lead visual

Release work is a sequence

1

Plan

date, assets, budget

2

Deliver

audio, artwork, metadata

3

Pitch

DSPs, press, creators

4

Follow

signals after release

A timeline image for launch, pre-save, transfer, and release strategy guides.

Promotion · Safety

Release sequence map

01

Orient

Put the work in the right order before the public date locks you in.

02

Check

Upload windows, pitch deadlines, asset readiness, pre-save timing, launch week, and follow-up signals.

03

Move

A release plan with fewer last-minute fixes and clearer momentum after launch.

Read this as a working sequence for Respond to a fake-stream spike, then use the article below to make the tradeoffs concrete.

Part of the Safe music promotion cluster.

Key takeaways

  • Snapshot the current state before counts, playlists, campaigns, dashboards, permissions, or messages change.
  • Contain only the work and access you can identify while preserving legitimate evidence and business continuity.
  • Use neutral classifications until Spotify or the distributor confirms artificial activity for a stated scope.
  • Give the distributor, label, or Spotify reporter a track-specific chronology and genuine campaign evidence.
  • Track every submission, acknowledgement, charge, action, public change, monitoring check, and unresolved question to closure.

What should happen during the first response cycle?

Stream-spike incident workflow

Ten steps from discovery to closure

  1. 01

    Minute 0

    Open a case

    Assign an incident owner, timestamp, artist, track, release, observer, first signal, current state, and communication channel.

  2. 02

    Step 2

    Capture

    Save URIs, UTC range, public count, private views, sources, playlists, countries, listeners, followers, screenshots, and exports.

  3. 03

    Step 3

    Preserve

    Archive campaigns, links, ads, posts, outreach, vendors, contracts, invoices, payments, reports, messages, access, and notices.

  4. 04

    Step 4

    Contain

    Pause connected future work or spend where authorized, remove unnecessary permissions, secure accounts, and keep evidence unchanged.

  5. 05

    Step 5

    Reconcile

    Match the event to prior baselines, release events, source and territory changes, playlists, ads, creators, press, radio, and shows.

  6. 06

    Step 6

    Question

    Ask vendors neutral written questions about methods, accounts, placements, subcontractors, traffic sources, dates, and supporting records.

  7. 07

    Step 7

    Notify

    Inform the distributor or label with the track-specific chronology, evidence package, containment actions, questions, and requested next route.

  8. 08

    Step 8

    Report

    Use Spotify's suspicious-playlist form where supported, preserve the submission, and link its details to the distributor case.

  9. 09

    Step 9

    Respond

    Authenticate and answer any official notice by its deadline with supported facts, genuine promotion evidence, unknowns, and receipt request.

  10. 10

    Step 10

    Close

    Record outcome, count and royalty state, charges, content and account state, access removal, contract decision, monitoring, advice, and lessons.

What should the incident record contain?

Worked exampleIllustrative case log

CASE: STR-2026-014 ASSET: Artist / Track / ISRC / Spotify URI OBSERVED: 2026-07-10 16:20 UTC WINDOW: 2026-07-07 to 2026-07-10 UTC FACT: Streams rose; listeners, source, playlist, and country exports attached CAMPAIGNS: Meta account export and creator post log attached UNKNOWN: Cause and platform classification CONTAINMENT: Vendor campaign paused; editor access removed; records preserved REPORTS: Distributor ticket DK-0000; Spotify playlist report receipt attached NEXT REVIEW: 2026-07-12 16:20 UTC / owner initials

Constructed example, not a real release
FACT
States the observation without calling it confirmed fraud.
UNKNOWN
Keeps proprietary platform classification and missing causation visible.
CONTAINMENT
Records reversible control actions without destroying the evidence.
NEXT REVIEW
Prevents the case from disappearing after the first report.

Who owns each response decision?

Incident owner map
Primary responsibilityBoundary
Artist or managerOpen case, preserve dashboard and campaign evidence, control accounts and spend, coordinate team, approve communications, and monitorDoes not make Spotify's final classification
Promotion providerDisclose methods, accounts, traffic, playlists, subcontractors, delivery, communications, reports, and incident cooperationA statement of legitimacy does not replace source records
Distributor or labelAuthenticate notices, receive evidence, explain current policy and response path, coordinate platform review, and document account actionCannot promise Spotify's result or timetable unless authorized
SpotifyInvestigate reported playlists, classify platform activity, correct platform metrics, apply platform policy, and communicate through official routesPrivate detection methods are not reproducible from artist analytics
Counsel or adviserAdvise on contract, evidence, payment, privacy, accusation, response, liability, termination, and material dispute riskOperational advice must be tailored to the jurisdiction and facts
FinanceReconcile vendor payment, media spend, distributor charge, withheld revenue, tax, currency, refund, reserve, and final statementA preliminary dashboard is not a final royalty statement

Do not promise a clean outcome

Stopping a vendor, reporting a playlist, or proving legitimate ad work cannot guarantee removed traffic, waived charges, restored royalties, reinstated content, account protection, or a fixed review time. Promise only the response work you control.

keep every asset, identifier, notice, and action attached to one case

Which official routes support the incident response?

Frequently asked questions

What should I do first after a fake-stream spike?+

Preserve the current state. Save the track and release URIs, exact UTC window, public count, Spotify for Artists release, song, audience, source, playlist and country views, follower movement, screenshots, and exports. Add every campaign, vendor, playlist, link, post, ad account, payment, message, and notice that overlaps the period. Do not confront anyone or alter records before the snapshot is complete.

Should I stop all music promotion after suspicious streams?+

Stop the questionable campaign, placement, spend, or access you can identify and control, subject to the contract and professional advice. Do not automatically destroy legitimate campaigns that have account-level evidence and no connection to the event. Freeze changes long enough to preserve data, separate each provider and traffic source, document the containment decision, and continue only the work whose method and evidence remain acceptable.

How do I report a suspicious Spotify playlist?+

Use Spotify for Artists to identify the playlist where visible, preserve its URI or URL, owner, track, dates, screenshots, and listener contribution, then submit Spotify's official suspicious-playlist reporter. Include only supported facts. Also inform your distributor or label when traffic, a notice, or a vendor may affect the release. Reporting starts an investigation and does not promise removal, count correction, or protection from later action.

What should I send my distributor after a stream spike?+

Send the artist, track, ISRC, release, platform URI, exact dates, first-observed time, source and country changes, playlist details, public and private data, genuine promotion methods, ad exports, tagged links, creators, press, radio, shows, vendor identity, contract, invoice, reports, messages, containment steps, and any Spotify report. Ask for a case number, required format, deadline, and review path.

Should I publicly accuse the promoter or playlist?+

No. A spike, playlist appearance, or external score does not establish who caused artificial streaming. Public accusations can create legal, safety, and evidentiary risk. Preserve records, ask neutral written questions if appropriate, obtain legal advice for a material dispute, and report through the platform and distributor. Keep public communication factual, narrow, and approved by the responsible team member or counsel.

Bradley J Simons

About the author

Bradley J Simons

Bradley J Simons is a 4x Juno-nominated producer who makes music as Babbage and founded Velveteen. A former touring musician, he writes about releasing, pitching, and getting paid for music from the artist's side of the desk.

Velveteen notes

Get better release strategy in your inbox

Release planning checklists, royalty explainers, and artist strategy notes from Velveteen. No daily noise.

Improve this page

Was this useful? Send a signal or flag a correction.

Keep reading

Free tool · no signup

Switch distributors without losing streams

Get a sequenced migration checklist that preserves your ISRCs, royalty records, and release availability so nothing breaks when you move your catalog.