Open Forum

YouTube, a popular platform for entertainment and education, has unfortunately become a playground for cybercriminals. According to research by Avast, cybercriminals exploit the platform's automated advertising and user-generated content to propagate their harmful activities, making YouTube a significant channel for phishing and malware attacks.

A particularly concerning trend is the rise of Deep Fake videos. These videos utilize advanced technology to create fake yet very realistic images or videos of people or events, which can mislead viewers and spread false information. In the first quarter of this year, researchers observed multiple popular YouTube accounts, each with over 50 million subscribers, being hijacked to spread cryptocurrency scams using Deep Fake videos.

Cybercriminals also employ tactics such as automated uploads and tricks to enhance search results and make their harmful content more visible. Fake comments are common, deceiving viewers, promoting dangerous links, and exploiting YouTube's algorithms to disseminate cyber threats.

Common Tricks Used by Cybercriminals on YouTube

1. Targeting Creators with Fake Offers: Attackers send personalized emails to YouTube creators with fake collaboration offers. Once trust is gained, they send links to malicious software disguised as necessary tools for the collaboration, leading to account theft or other issues.
2. Malicious Video Descriptions: Attackers upload videos with descriptions containing harmful links, pretending they are legitimate software downloads related to gaming, productivity tools, or antivirus programs, tricking users into downloading malware.
3. Hijacking Channels: Attackers take over YouTube channels through phishing or malware and use them to promote various scams, such as fake cryptocurrency giveaways that require viewers to make an initial deposit.
4. Impersonating Reputable Brands: Attackers create websites that look like those of well-known companies, offering fake software downloads and exploiting users' trust.
5. Tricking Users with Fake Tutorials: Attackers post tutorial videos or offers for cracked software, leading users to download malware disguised as helpful tools. This technique takes advantage of users looking for free access to paid services or software, using YouTube's search and recommendation features to reach more victims.

Key takeaways

1. You never know who you interact with in the always-connected online world. Don't expect celebrities to have a twenty-character password and 2FA set up on their YouTube account. Accounts get hijacked, and credentials are sold every day
2. Be very skeptical when clicking on links in channels, especially if it is a URL shortener
3. Any links leading to the download of software have to raise a big red flag
4. Always inspect the URL you are connecting to before entering any information (especially credentials)

As YouTube continues to grow, so does its appeal to cyber criminals. If you use YouTube to promote your business, be aware of these attacks. If you are a YouTube consumer, be vigilant and follow the best practices above.

#ALTACyber

------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------

So much appreciation for your contributions to us all Genady.  The bad guys are real. Concern is high.

Steve.

------------------------------
Steve Williams CTIP
Vice President
McKnight Title and Partners Title
Fort Worth TX
------------------------------

Original Message:
Sent: 05-31-2024 08:59
From: Genady Vishnevetsky
Subject: Security BUZZ - The Hidden Dangers of YouTube

YouTube, a popular platform for entertainment and education, has unfortunately become a playground for cybercriminals. According to research by Avast, cybercriminals exploit the platform's automated advertising and user-generated content to propagate their harmful activities, making YouTube a significant channel for phishing and malware attacks.

A particularly concerning trend is the rise of Deep Fake videos. These videos utilize advanced technology to create fake yet very realistic images or videos of people or events, which can mislead viewers and spread false information. In the first quarter of this year, researchers observed multiple popular YouTube accounts, each with over 50 million subscribers, being hijacked to spread cryptocurrency scams using Deep Fake videos.

Cybercriminals also employ tactics such as automated uploads and tricks to enhance search results and make their harmful content more visible. Fake comments are common, deceiving viewers, promoting dangerous links, and exploiting YouTube's algorithms to disseminate cyber threats.

Common Tricks Used by Cybercriminals on YouTube

1. Targeting Creators with Fake Offers: Attackers send personalized emails to YouTube creators with fake collaboration offers. Once trust is gained, they send links to malicious software disguised as necessary tools for the collaboration, leading to account theft or other issues.
2. Malicious Video Descriptions: Attackers upload videos with descriptions containing harmful links, pretending they are legitimate software downloads related to gaming, productivity tools, or antivirus programs, tricking users into downloading malware.
3. Hijacking Channels: Attackers take over YouTube channels through phishing or malware and use them to promote various scams, such as fake cryptocurrency giveaways that require viewers to make an initial deposit.
4. Impersonating Reputable Brands: Attackers create websites that look like those of well-known companies, offering fake software downloads and exploiting users' trust.
5. Tricking Users with Fake Tutorials: Attackers post tutorial videos or offers for cracked software, leading users to download malware disguised as helpful tools. This technique takes advantage of users looking for free access to paid services or software, using YouTube's search and recommendation features to reach more victims.

Key takeaways

1. You never know who you interact with in the always-connected online world. Don't expect celebrities to have a twenty-character password and 2FA set up on their YouTube account. Accounts get hijacked, and credentials are sold every day
2. Be very skeptical when clicking on links in channels, especially if it is a URL shortener
3. Any links leading to the download of software have to raise a big red flag
4. Always inspect the URL you are connecting to before entering any information (especially credentials)

As YouTube continues to grow, so does its appeal to cyber criminals. If you use YouTube to promote your business, be aware of these attacks. If you are a YouTube consumer, be vigilant and follow the best practices above.

#ALTACyber

------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------