Over the weekend, high-profile YouTubers were targeted by cybercriminals in what appears to have been a massive, highly coordinated attack.
According to a ZDNet investigation, many accounts belonging to well-known YouTubers within the car community appear to have been hijacked. It also seems that the attack has been directed towards “influencers” across many YouTube channel genres, in particular technology, music, gaming and Disney. With more than 23 million YouTube channels, anyone who creates content should be alarmed and take action.
The investigation points towards a coordinated phishing campaign. In this approach, emails are sent to targets drawn from a list of YouTube influencers, luring them to a fake Google login page. The page harvests their Google account credentials, which then give the attacker access to their YouTube accounts. The channels are then transferred to a new owner and the vanity URL is changed. The actual owner of the channel and those who subscribe to it are left thinking the account has been deleted.
According to James Houghton, CEO at security awareness training platform Phishing Tackle, “this attack relies on an individual clicking and following a click before checking the basics.” He says that the problem primarily comes down to a “lack of knowledge surrounding what to look out for in a phishing email and conversely what to look for in a legitimate email.”
These phishing emails are usually well constructed and “can look genuine at first glance, even to the trained eye,” says Jake Moore, cybersecurity specialist at ESET. “Telltale signs such as the link shown in the body of the email or even questioning why you have been sent it in the first place should be enough to pause your actions,” Moore says.
For more on this topic, take a look at this article in Forbes magazine.