YouTube is one of the best places on the internet where you get to watch cute videos of kitties, huskies, and also other videos from your favorite channels, YouTubers, artists and so much more.
But now YouTube is becoming a dangerous place, and you might not even notice it. For instance, what if you get a message from your favorite YouTuber, celebrity or channel? At first, you will be thrilled, and you will instantly forget your cyber-awareness skills and good internet behavior.
It’s happening right now, and several people are receiving messages in their YouTube inboxes. Mostly the message seems real as it’s coming from your adored celebrity, it has some grateful texts, and since you’re one of their top subscribers, it has a link to a giveaway prize, gift card, the new Samsung Galaxy S10 and so on. If you get such a message, don’t rush and click on the link. Here’s why.
How does YouTube phishing work?
Similar to other phishing scams, this scam is easy to orchestrate. Cybercriminals set up a similar YouTube account which is nearly identical enough to that of your favorite YouTuber – cybercriminals know this by looking at the comments you leave on various channels. After setting up the account, they use any channel name they want despite what their account name is, YouTube allows this; which is the vulnerability in this case.
Cybercriminals also take advantage of another YouTube feature – the YouTube friend request. Anyone on the platform can send a friend request to whomever they like. If you are not cyber ware all the time, you will gladly accept the friend request from your purported to be a celebrity. Lastly, cybercriminals will send you a nicely composed heart-warming phishing message with a link.
Consequences
As it is with any other phishing scam, this YouTube scam is mainly aimed at two things,