In recent months, a new scam on YouTube that has put hundreds of content creators at risk. Cybercriminals are using strategies of social engineering to trick YouTubers into posting fraudulent links that contain malwareOnce these creators' followers download the malicious file, their devices are compromised.
This type of attack not only represents a threat to content creators, but also to their followers, who can infect their computers with Trojans designed to steal personal and financial information. Below, we'll explain in detail how this scam works, what its consequences are, and what you can do to protect yourself.
How does this new YouTube scam work?
The attackers They pose as legitimate companies They develop software to circumvent internet restrictions or popular tools. They then contact content creators and inform them that they are infringing copyrights by mentioning their supposed applications in a video.
To avoid alleged legal issues with the platform, they ask them to update the link in the video description and include a new one they provide. Unbeknownst to them, the creators end up including a fraudulent link that leads to a file download. trojanized.
What happens after downloading the file?
When a user downloads and installs the malicious file, their device becomes infected with infostealer malware. This type of software is especially dangerous because its objective is steal stored credentials in browsers, access emails, bank accounts and even extort money from the victim.
Confirmed cases of victims
Investigations of Kaspersky y ESET reveal that this attack has been massive and has affected thousands of content creatorsOne of the most striking cases was that of a channel with over 60 subscribers that unknowingly promoted the malicious link in the description of its videos. As a result, more than 40 users downloaded the file before it was deleted.
What are the consequences of YouTube scams?
- Loss of access to accounts personal and professional
- Possible theft of funds if banking credentials are compromised
- Demonetization and channel closure from YouTube for sharing malware
How to protect yourself from this YouTube scam campaign?
If you're a YouTube content creator or a frequent video viewer on the platform, it's critical that you take precautionary measures to avoid falling prey to these types of malicious schemes.
Recommendations for content creators
- Do not trust emails or messages that ask you to modify links.
- Verify the authenticity of the senders before responding to any suspicious requests
- Avoid downloading attachments without first scanning them with an antivirus
- Enable XNUMX-Step Verification in all your accounts
Tips for YouTube users
- Do not download files from unknown links
- Be wary of videos that promise free downloads paid software
- Use security tools such as antivirus and antiphishing systems
These types of attacks pose a risk to both YouTube content creators and their followers. It's crucial that all users of the platform be aware of the dangers and take steps to prevent them. protect oneself of possible threats. Share this information and help other users stay up to date with the latest news..