On April 5, 2023, YouTube tweeted about an ongoing phishing campaign using a legitimate email address from the video-sharing platform. “Heads up: we’re seeing reports of a phishing attempt showing firstname.lastname@example.org as the sender. Be cautious & don’t download/access any file if you get this email,” the platform thus states.
The cybercriminals cleverly used a now little-used feature of YouTube, video sharing by e-mail. The latter generates automatic messages sent from the address “email@example.com”. The hackers then created a video from a channel with an apparently official name, TeamYouTube, whose title announces changes in YouTube’s policy.
This gives the impression of an official communication. The cybercriminals added a message to the email stating that the recipient should act quickly to avoid losing access to their online videos or money earnings. To prevent this, the recipient had to click on a link, which allowed the cybercriminals to steal sensitive data from them.