ITCPE Team

Beware of Sophisticated Phishing Scam Targeting YouTube Content Creators

Content creators on YouTube are being targeted by phishing attacks that exploit the Share Video by Email feature. The phishing email is sent from an official YouTube email address (no-reply@youtube.com) to trick the recipients into believing it is legitimate. The email notifies the targets of a new monetization policy and prompts them to view a video. It also includes a Google Drive document link with a password to open it. The attackers give a 7-day deadline to respond, or else the account won't be accessible. This scam is a sophisticated attack that exploits the platform's sharing system.

Social media content creator Kevin Breeze has notified YouTube of the scam and mentioned that the scammers are exploiting the platform's sharing system instead of simply spoofing an email. YouTube is investigating the matter and advising users to be careful. Cybercriminals use urgency to make users act impulsively, so it's essential to remain cautious.

YouTube never asks for login credentials through email, and users should be wary of responding to unsolicited emails from unknown senders, even if they appear to be from the company's official email. It's important to double-check the URL before clicking on email links and ensure it contains the HTTPS designation for added security. Additionally, enabling two-factor authentication (2FA) can add an extra layer of protection against unauthorized access.

Breeze suggested that YouTube remove the Share Video by Email feature completely as the downsides outweigh the upsides.

Share this page: