Google has its hands full with cybercriminals who break into YouTube accounts and then resell access to these hacked channels so that other criminals can broadcast whatever they want. Such as fake cryptocurrency ads.
According to Google the scammers proceed as follows. First they find the email address of the YouTuber in question quite easily. This is often simply publicly visible on his or her profile. Normally this is a way for advertisers, for example, to get in touch with them.
The hackers send a phishing email to this address, posing as a legitimate-looking party, interested in a collaboration. In reality, victims are tricked into downloading malware, which then steals browser cookies. This allows one to log into YouTube accounts and lock out the actual owner, even if the person has set up two-step verification.
Such a compressed account is then offered on the dark web, for prices as low as 3 dollars each. The more followers an account has, the higher the price, with peaks of up to $4000. The buyer of the account can now post their own videos on it, for example to scam viewers with fake advertising for crypto investments.
Measures
The good news is that Google has targeted the culprits and is taking measures that seem to be working for the most part. Since May, the company has blocked 99.6 percent of these fake emails so that YouTubers don’t see them in their inboxes. That equates to 1.6 million messages. It has also been able to give 4000 victims access to their hacked account.
The hackers appear to come from a Russian internet forum. Google is working with the FBI for further investigation.
