New Delhi,UPDATED: Apr 5, 2023 09:03 IST
YouTube is generally the go-to place for tutorial videos, gaming walkthroughs, cooking tips, tech tips, academic tutorials, and so on. The platform is popular across the globe and has over 2.5 billion monthly users, a report by cyber intelligence firm CloudSEK suggested earlier. However, there have been a lot of phishing attempts in the name of the video-sharing platform recently. From malware attacks to money scams, YouTube is being exploited by cybercriminals for their harmful activities. A new scam that is being reported is where cybercriminals and sending emails to users that appear to be directly from YouTube, telling users about the platform’s ‘new rules and policies’. If you have received any such email in the last few days, be sure to delete it as soon as you can as it might be a part of the new scam.
YouTube phishing attempt
A tweet by tech influencer Kevin Breeze revealed details of the new scam. Kevin shared a screenshot of a mail that he received. The email, at a casual glance, appears to be from YouTube informing about their new rules and policies.
The sender of these emails is firstname.lastname@example.org and the email says that YouTube is going to change its monetization rules and policies. It further talks about an ‘official document’ regarding the same and asks users to download the same via a link. To cause panic to the readers, the email also says that the receiver has 7 days to review the document and send a reply or their access will be restricted.
It looks like the email is trying to target content creators primarily because monetization is something that all creators are concerned about. For the unversed, monetization refers to the ability to run ads that you see before, or in the middle of, a YouTube video.
YouTube warns about the attack
YouTube’s official Twitter handle also warned about the phishing attempt and urged users to stay safe.
“Heads up: we’re seeing reports of a phishing attempt showing email@example.com as the sender be cautious & don’t download/access any file if you get this email (see below) while our teams investigate, try these tips to stay safe from phishing,” the company’s tweet read.
How can you stay safe?
You can stay safe from such scams by avoiding clicking on any unauthorised or suspicious links. However, if you absolutely must use the link mentioned in a YouTube video’s description, do run it through a URL scanner first for malware detection. Also, while an email might appear to be legit at a glance, a closer look at it will reveal that it is possibly a phishing attempt.
For instance, take a closer look at the aforementioned email.
Notice how the language seems to be a bit off and not professional enough. Also, the words ‘Loading new videos, Edit old videos, Getting monetization etc’ are randomly written at the end of the paragraph. Moreover, the formatting of the paragraph doesn’t really meet the usual standards. Examining an email closely can help you stay safe from such scams.
Meanwhile, the staying safe from phishing tips shared by YouTube say that scammers might change their tactics but there are ‘signs’ that can help you recognise a phishing email. These signs are the sender’s address being similar to a company you know and trust but has slight variations. Another sign is that the body of the email will often ‘tell a story to trick you into sharing your account log-in information’, or it might also suggest that you click on a link or open an attachment. Also, the phishing email might impersonate a media agency assisting you, and ask you to add them as channel owner.