INDIANAPOLIS — YouTube is warning users to be on the lookout for a realistic-looking phishing scam.
According to YouTube, the scam is so good that it’s hard to tell if the email is coming from the scammer or YouTube’s official email account.
On Twitter, YouTube said “Heads up: we’re seeing reports of a phishing attempt showing email@example.com as the sender. Be cautious & don’t download/access any file if you get this email.”
The scammers have apparently figured out how to exploit YouTube’s Share Video by Email feature in order to craft the bogus message. The message is about “Changes in YouTube Rules and Policies.” It includes a video and links for you to click. However, if you click it and enter the required information, the hackers can hijack your account.
Falling for this scam can be very dangerous because so many people use their Gmail credentials to log into YouTube these days, so the hackers could gain access to your Gmail account through this method.
Although the email looks realistic, there’s also a big red flag involved; it warns that you have seven days to review and send a reply or you could lose access to your account. That’s a classic tactic used by scammers to create urgency so you act impulsively. YouTube says its security team is investigating the scam.
YouTube says if you get this email, you should delete it right away. It’s also a good idea to enable two-step authentication on your account. That way, if someone tries to sign into your account on a different device, YouTube will send you a code that you have to verify. You can sign up for two-step authentication on YouTube and Google’s security page.