CyberSecurityBoard
Sponsor Register Login

YouTube warns of AI-generated video of its CEO used in phishing attacks

The description of the video linked in the phishing emails asked those who open it to click a link that brings them to a page (studio.youtube-plus[.]com) where they're asked to "confirm the updated YouTube Partner Program (YPP) terms to continue monetizing your content and accessing all features" by signing into their account. Ironically, the phishing emails also warn that YouTube will never share information or contact users via private videos, prompting the recipients to report the channel sending the emails if they look suspicious. YouTube warns that scammers are using an AI-generated video featuring the company's CEO in phishing attacks to steal creators' credentials. The attackers are sharing it as a private video with targeted users via emails claiming YouTube is changing its monetization policy. "We're aware that phishers have been sharing private videos to send false videos, including an AI generated video of YouTube’s CEO Neal Mohan announcing changes in monetization," the online video sharing platform warned in a pinned post on its official community website. YouTube warns not to click links embedded in these emails, as they will likely redirect them to phishing sites that attempt to steal their credentials or infect them with malware. The scammers also create a sense of urgency by threatening that their accounts will be restricted for seven days if they fail to confirm compliance with the new rules (these restrictions would allegedly include uploading new videos, editing old videos, receiving monetization, and receiving earned monetization funds). YouTube provides tips on avoiding and reporting phishing emails in its help center and more details on similar phishing campaigns. After entering their credentials, creators are told their "channel is now pending" and to "open the document in the video description for all the necessary information" (even when entering a random email and password). "Many phishers actively target Creators by trying to find ways to impersonate YouTube by exploiting in-platform features to link to malicious content," the company added. YouTube users have been receiving such emails since late January while the YouTube team says it began investigating this campaign in mid-February. "YouTube and its employees will never attempt to contact you or share information through a private video.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 05 Mar 2025 15:30:13 +0000


Cyber News related to YouTube warns of AI-generated video of its CEO used in phishing attacks

YouTube warns of AI-generated video of its CEO used in phishing attacks - The description of the video linked in the phishing emails asked those who open it to click a link that brings them to a page (studio.youtube-plus[.]com) where they're asked to "confirm the updated YouTube Partner Program (YPP) terms ...
3 months ago Bleepingcomputer.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
YouTube Not Working on iPhone? Here's How to Fix It - If the YouTube app on your iPhone is crashing or will not open, there are various fixes you can try, such as force quitting the app, rebooting your device, and updating its version. Restarting your device provides a fresh start and can address minor ...
1 year ago Hackercombat.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
Google to crack down on third-party YouTube apps that block ads - YouTube announced yesterday that third-party applications that block ads while watching YouTube videos violates its Terms of Service, and it will soon start taking action against the apps. Google exposes numerous APIs allowing developers to integrate ...
1 year ago Bleepingcomputer.com
YouTube Warns of Phishing Emails Attacking Creators to Steal Login Credentials - The video, indistinguishable from authentic footage due to advanced voice and visual synthesis, instructs creators to “confirm” policy changes by logging into studio.youtube-plus[.]com—a phishing domain mimicking YouTube Studio. The attack, ...
3 months ago Cybersecuritynews.com
Hijacked: How hacked YouTube channels spread scams and malware - As one of today's most popular social media platforms, YouTube is often in the crosshairs of cybercriminals who exploit it to peddle scams and distribute malware. Thefts of popular YouTube channels up the game further. By extending the reach of the ...
11 months ago Welivesecurity.com
Latest Adblock update causes massive YouTube performance hit - Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension. Adblock and Adblock Plus are two ad blockers created by the same developer for ...
1 year ago Bleepingcomputer.com
AI-Powered Phishing Detection - Does It Actually Work? - Unlike traditional methods that rely on identifying known threats, AI-powered systems analyze patterns and behaviors to detect anomalies indicative of phishing attempts. The rise of artificial intelligence (AI) has brought new hope to combating these ...
2 months ago Cybersecuritynews.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
1 year ago Hackread.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Spotting Phishing Attacks with Image Verification Techniques - Phishing refers to the tactic used by scammers who impersonate reputable brands and lure victims to click on suspicious links so that they can breach the privacy and sensitive data of individuals. You can call image-based phishing a relatively ...
2 months ago Cybersecuritynews.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com
5 Valuable Skills Kids Can Gain by Playing Video Games - Video games come in all shapes and sizes and can be very educational for children of all ages. Video games can provide children with valuable skills that can help them in their everyday lives. From problem-solving abilities to self-control, learning ...
2 years ago Welivesecurity.com
Phishing kits now vet victims in real-time before stealing credentials - Even if they were allowed to use the real target's address, the analysts comment that some campaigns go a step further, sending a validation code or link to the victim's inbox after they enter a valid email on the phishing page. However, with this ...
2 months ago Bleepingcomputer.com
Splunk: AI isn't making spear phishing more effective - Despite increased concerns, AI tools won't give adversaries an advantage when it comes to sending effective phishing emails, according to new research by Splunk's Surge security research team. In a blog post Thursday, Tamara Chacon, security ...
1 year ago Techtarget.com
SentinelLabs uncovers new CapraRAT spyware targeting Android users - A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT ...
11 months ago Siliconangle.com APT3 Transparent Tribe
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
1 year ago Darkreading.com
WebRTC vs. RTSP: Understanding the IoT Video Streaming Protocols - At the moment, there is a constantly increasing number of smart video cameras collecting and streaming video throughout the world. Here's what you need to know about WebRTC vs. RTSP and their suitability for various streaming needs. The Basics of ...
1 year ago Feeds.dzone.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
1 year ago Hackread.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
1 year ago Netcraft.com
LastPass: Hackers targeted employee in failed deepfake CEO call - LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. While 25% of people have been on the receiving end of an ...
1 year ago Bleepingcomputer.com
AI Outperformed Elite Red Teams in Creating an Effective Spear Phishing Attack - By March 2025, their AI spear phishing agent (codenamed JKR) achieved a 23.8% higher success rate than human red teams across all user skill levels. Prompt Engineering for Task Execution: For novel attacks, JKR uses instructions like:- ...
2 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)