YouTube is the latest social media company to report a phishing scam that could pose a serious risk to users. The company has warned that a very serious scam is currently running on the platform, and anyone using the site should be aware of it going forward.
In a tweet, the tech giant said: “Heads up: we’re seeing reports of a phishing attempt showing firstname.lastname@example.org as the sender. Be cautious & don’t download/access any file if you get this email.”
YouTube has said that users shouldn’t open the email under any circumstances. The company also explains that just because an email address looks real, it doesn’t necessarily mean that it is, and users should always be vigilant and cautious when it comes to protecting their online security.
On Twitter, tech influencer Kevin Breeze shared a screenshot of the email, which can be viewed here. The email appears to be from “YouTube”, and the subject reads “Changes in YouTube rules and Policies. Check the Description.”
It goes on to provide a link with access to a document on Google Docs, along with a security password. It advises the recipient to read the document urgently within the next 7 days.
However, YouTube says that scammers are hoping people who receive the email click on the link without checking the email address properly. The email address is similar to YouTube’s but is slightly different and redirects the user to a phishing scam.
The company has advised that users always check the email address of any messages they receive to make sure it matches the sender’s name exactly. They should also check the message headers to see if the name is correct. Another step people can take is to check that the email is authenticated.
YouTube’s security team also advised: “To protect your Google/YouTube Account, we strongly recommend enabling 2-step Verification. When this is enabled, if someone tries to sign in from a new device or location, Google will send you a unique code for an added layer of security. This helps prevent unauthorized people from accessing your account.”