YouTube is one of the best places on the internet where you get to watch cute videos of kitties, huskies, and also other videos from your favorite channels, YouTubers, artists and so much more.
But now YouTube is becoming a dangerous place, and you might not even notice it. For instance, what if you get a message from your favorite YouTuber, celebrity or channel? At first, you will be thrilled, and you will instantly forget your cyber-awareness skills and good internet behavior.
It’s happening right now, and several people are receiving messages in their YouTube inboxes. Mostly the message seems real as it’s coming from your adored celebrity, it has some grateful texts, and since you’re one of their top subscribers, it has a link to a giveaway prize, gift card, the new Samsung Galaxy S10 and so on. If you get such a message, don’t rush and click on the link. Here’s why.
Как работает фишинг на YouTube?
Similar to other phishing scams, this scam is easy to orchestrate. Cybercriminals set up a similar YouTube account which is nearly identical enough to that of your favorite YouTuber – cybercriminals know this by looking at the comments you leave on various channels. After setting up the account, they use any channel name they want despite what their account name is, YouTube allows this; which is the vulnerability in this case.
Киберпреступники также используют другую функцию YouTube - запрос на дружбу. Любой пользователь платформы может отправить запрос на дружбу любому понравившемуся ему человеку. Если вы не являетесь постоянным киберпровайдером, то с радостью примете запрос на дружбу от якобы знаменитости. В завершение злоумышленники отправят вам красиво составленное фишинговое сообщение со ссылкой.
Последствия
ПоследствияAs it is with any other phishing scam, this YouTube scam is mainly aimed at two things, collecting your personal data as well as making a profit while at it.
Clicking on the link provided in the message takes to a spoofed site with forms where to enter your details and finally participate in a quick survey to win your giveaway prize. If you fill this form, you will be giving away your personal private information such as contacts to cybercriminals willingly.
If you take the survey, you will be redirected to other many sites where you will be giving them traffic and occasionally viewing or clicking some ads here and there. By the time you realize it’s a phishing scam, you will have picked some malware, given away your details and now you’ll be preparing on how to mitigate a cyber-attack.
Способы самозащиты
Способы самозащиты- As it is the first rule in social media, don’t accept friend requests until you truly know who the sender is, and in YouTube, your celebrity’s channel will be marked, official. Also, don’t hurriedly open links on messages.
- Если вы случайно щелкнули по ссылке и попали на сайт с формами, просто закройте эту страницу и продолжайте заниматься другими делами - так вы добровольно предоставляете свои данные.
- Use a reputable antivirus/antimalware; reliable antivirus/antimalware will always alert you or even block malicious/spoofed sites.
- Lastly, use IPBurger VPN. A VPN will protect from phishing scams that are orchestrated by man-in-the-middle attacks especially when you are using free public Wi-Fi.
