Did you know that YouTube has 23 million content creators worldwide? Well, it turns out that many of these video gurus found themselves in the middle of a cybersecurity calamity this past weekend. According to Forbes, reporter Catalin Cimpanua discovered a massive spear phishing campaign targeting YouTube content creators, tricking them into giving up their login credentials.
How are cybercriminals using this sneaky tactic to swoop victims’ logins? Cimpanua discovered that hackers leveraged a substantial database to send emails to a targeted list of YouTube influencers. These emails contained phishing links luring the victims to fake Google login pages. Once the YouTuber filled out their login credentials, the attacker gained full access to the victim’s YouTube account, allowing them to change the vanity URL. This leaves the actual owner of the channel and their subscribers believing that the account has been deleted. Additionally, some of the accounts that were successfully hacked utilized two-factor authentication (2FA) via SMS, suggesting that cybercriminals used a reverse proxy. This type of proxy server collects resources on behalf of another server, allowing a cybercriminal to intercept 2FA codes sent over SMS in real-time.
Those targeted in this phishing scheme include mostly influencers covering a variety of genres, especially technology, music, gaming, and Disney. But with millions of content creators using YouTube as a platform to share their insights with the world, it’s critical that all users follow proper cybersecurity precautions to protect their credentials. So, what are some proactive steps YouTubers can take to ensure that their accounts are kept safe and secure? Check out the following tips:
- Be on the lookout for phishing emails. If you receive an email from a company or business asking you to confirm your credentials, be skeptical. Phishers often forge messages from legitimate companies hoping to trick users into entering their login details.
- Think before you click. Before clicking on a link, especially one in a suspicious email, hover over it to see if the URL address looks legitimate. If the URL contains misspellings, grammatical errors, or strange characters, it’s best to avoid interacting with the link.
- Use two-factor authentication apps. While two-factor authentication is by no means an end-all, be-all security tactic, it does provide a good first line of defense if a hacker attempts to hijack your account. For this particular scheme, cybercriminals were able to bypass 2FA via SMS and intercept security codes. Therefore, users need to look into authenticator app options rather than simply relying on a code sent over SMS.