Google warns of massive phishing campaign targeting YouTube content creators. A recent report from Google's Threat Analysis Group reveals that thousands of such channels have been successfully hijacked by hackers, who sell them or commit financial fraud against the channel's viewers. Google says it is actively working against such threats and has restored a number of troubled YouTube channels. However, it warns that many YouTube accounts have been affected by this scam, which can be deleted at any time.
New youtube phishing scam
YouTube has not revealed who was behind the scam. But the report says that the campaign is being carried out on a Russian-language message board and that cookies are being stolen for this. Unlike phishing scams that use fake login pages, malware links or usernames and passwords, YouTube reveals that account hacking is done with a little more personal data and browser-protected cookies when logging in.
Cookie-stealing attacks are more costly and expensive than the average phishing scam, and are only effective if the user has not logged in and deleted their cookies before using the login cookies. However, cookie theft is one of the only practical options left for hackers.
Like other phishing and malware attacks, successful cookie theft requires the user to download and install malware files or apps on their computer. To reverse this, hackers tried to deceive their victims using social engineering techniques. YouTuber was asked to 'review' VPNs, anti-virus apps or video games. Once YouTube agrees to test the product, hackers send malware-infected files that collect the user's YouTube channel login cookies. Files are encrypted so that they can bypass anti-malware and anti-virus apps, making it difficult to intercept files before they reach the user's computer.
Because those cookies are at hand, hackers can take over the channel without the need for the channel's username or password. They will use hijacked channels to carry out financial frauds such as fake donation campaigns, fake cryptocurrency schemes and more against YouTube's audience. In some cases, the group sold small channels to other hacking groups for $ 3 to $ 4,000.
How can you stay safe
As for the affected channels, YouTube says it has successfully restored about 4,000 accounts. This is good news for victims of fraud, but these figures show just how big and dangerous fishing campaigns can be. That's why Google recommends two-factor authentication for all accounts. If it's not enabled on YouTube, Google says now's a good time to turn it on. Here, none of the cyber security features are 100 percent effective. However, as each account generates unique passwords, 2 factor authentication makes it very difficult for hackers to break-in in the first place. Don't forget to scan the downloaded files regularly and turn on the browser's highest browsing security mode.