YouTube, one of the world’s largest video-sharing platforms, has issued a warning to its users about a new phishing scam. Cybercriminals are using YouTube’s own email address to deceive users and steal their login credentials.
3 Key Takeaways
- Scammers are sending phishing emails to YouTube users using the authentic ‘[email protected]’ email address.
- These phishing emails contain a Google Drive link with a password, and urge users to respond within 7 days to avoid losing access to their account.
- To stay safe, users are advised to be cautious when opening emails, avoid responding to unknown senders, review emails carefully, and enable two-factor authentication.
YouTube has confirmed that it is investigating this phishing attack and advises its users to stay cautious.
How are scammers conducting this phishing scam?
The scammers are exploiting YouTube’s ‘Share Video by Email‘ feature to conduct their phishing scam. This feature enables users to share videos via email with their contacts.
The scam begins when scammers send phishing emails to users, which appear to be coming from YouTube’s legitimate email address [email protected].
What is the content of the phishing email?
The phishing email appears to be legitimate and includes a YouTube video, along with a message that informs users about YouTube’s new monetization policy and new rules.
Title seems to be: YouTubeTeam sent you a video:”Changes in YouTube rules and policies | Check the Description”
The email also contains a Google Drive link that requires a password to open. To create a sense of urgency, the email tells users that they have only seven days to review and respond; otherwise, their YouTube access will be restricted.
What happens if users enter their information in the Google Drive link?
If users enter their login credentials in the Google Drive link, their YouTube account will be hijacked by the scammers.
This is concerning because many YouTube users log in to their account using their Gmail account. If their YouTube account is hijacked, their Gmail data will also be stolen.
How can users stay safe?
YouTube advises users to be cautious and vigilant. They should avoid responding to messages sent by unknown senders, even if they appear to come from the company’s official email address. It is also essential to review emails carefully and enable two-factor authentication.
Expert’s comment
Vonny Gamot, Head of EMEA at online protection company McAfee, has advised users to be aware of the signs of phishing scams. Although the sender address may appear to be legitimate, there are some tell-tale signs that the email is a scam.
Conclusion
Phishing scams like this one are becoming more common, and it is essential to stay cautious and vigilant. It is also important to share this news with friends and family to help them avoid falling victim to phishing scams. Remember, if ever in doubt over the legitimacy of an email or link, don’t engage with it and go directly to the source.
You might want to learn more about Phishing