This dangerous phishing attack can fool everyone - Inc News
, author: Plackhin A.

This dangerous phishing attack can fool everyone

Over the past few days, a phishing attack has become known to be perpetrated through YouTube. But what was really striking was its sophistication, as it is capable of fooling anyone in the world.

The recent YouTube phishing attack demonstrated once again that hackers' ingenuity is always a few steps ahead, no matter how much effort platforms put into improving security. In the past few days, hackers have run a phishing campaign posing as a popular video platform owned by Google. But what really drew attention was that the emails used were sent from the address.

This means that the phishing attack was conducted through YouTube's official communication channel. However, this does not mean that the hackers stole the official email address for malicious use. They used a system that allows videos to be shared via email, getting dangerously effective results.

Official details of this phishing campaign have not been released, but it has been established how the attack worked in general. Attackers created YouTube channels with names similar to the official ones - such as YouTubeTeam - and uploaded videos left listed as private. Thus, the content could not be found by users through the search engine.

These videos had headlines such as "Changes to YouTube rules and policies | Read the description". While the description itself stated where the phishing attack took place. There, the hackers entered a link to Google Drive, where victims had to enter their account information because they would supposedly lose it otherwise. As you can probably guess, the information ended up in the hands of the attackers, who gained control of the attacked YouTube channel and the linked Gmail account.

But what's really important here is the way the malicious messages spread. As we said at the beginning, the campaign was conducted via ; that is, an official email from YouTube. An email video sharing tool was used to do this.

When a private video was emailed, a message was generated with the headline included in the subject line of the email. In this way, victims would receive a message that said, for example, "YouTubeTeam sent you a video: changes to YouTube rules and policies | Read the description." With a headline that looked like an official message, and an official YouTube sender, it's impossible for any person not to be subjected to this phishing attack. At least until the social media alerts went off.

The big problem here is that this phishing campaign has managed to break one golden rule that has so far guaranteed to prevent such hacks: sender authentication. Until recently, verifying the email address was the easiest way to know if we were victims of a phishing attack. But obviously, that's not enough anymore.

Changes to mitigate the phishing problem

In the case of YouTube, changes have been made in recent days to try to prevent further use of the option. Specifically, it was decided to change the format of the messages that are accepted when someone sends you a personal video. Instead of stating the title of the video in the subject line, the email simply says, "A personal video has been provided to you." However, nothing guarantees that this will be enough to avoid falling into the trap.

Understandably, phishing attacks are constantly evolving, so you should always be on your guard. If you receive emails that seem suspicious, don't click the links contained in them and don't download attachments. It doesn't matter if they came from a legitimate address. A quick Google search will help you determine if it's a legitimate campaign or a phishing attempt.

Read also: Microsoft has stopped warranty repairs for Xbox in Russia.