We are quite used to see well known brand names being used in phishing spam campaigns that lead to spam websites, usually online pharmacies. We’ve seen eBay, Amazon, Yahoo, Google, Microsoft, Facebook, Twitter, LinkedIn and so on.
It is to us still a question why do the spammers try so hard to create phishing messages which use these known brands, because the only result is that they will get blocked faster.
Now it is time for YouTube and Tagged.
The Tagged phishing campaign is a classical one, using a well established social engineering trick: show pictures of beautiful women and ask men that they have to click in order to see “more”.
The YouTube spam campaign is much better made. There are actually quite a large number of different messages being used to spread the word.
We have seen the following texts coming quite often:
- YouTube Content Service sent you a notification: Your video has been approved
- Your video has been rejected
- Terms of use violation
- You are on the 2nd place.
- Congratulations, your video has been approved
- YouTube Service sent you a message: Your video on the TOP of YouTube
- Congratulations, Your video on TOP10
Some of these emails are quite nicely done, because they seem to be created specially for the email address to which they were sent.
We strongly advise all users to simply delete such messages.
Sorin Mustaca
Data Security Expert
Leave a reply