Kaspersky has highlighted the surge in attempts to access phishing resources mimicking Google services. In January 2023, experts witnessed a 189% increase in attempts worldwide, (compared to December 2022), with the trend set to continue in February. Such phishing pages are designed to lure unsuspecting users into giving up their login credentials, allowing attackers to gain access to multiple users and accounts within a company’s ecosystem.
Google’s YouTube video hosting platform is a particular target for fraudsters, as they can use it to rapidly achieve their goals. Kaspersky has observed a fraudulent scheme where attackers gain access to the account of a popular vlogger, change the background and profile avatar, then start broadcasting their own video.
One such video, dedicated to cryptocurrencies and exploits already existing stream with Elon Musk, was used to persuade viewers to follow a QR code shown on the screen. One of the links led to a scam resource allegedly hosting a cryptocurrency raffle, putting users’ money and personal data at risk.
“Phishing attacks continue to evolve and become more sophisticated, with cybercriminals exploiting popular online services like Google to trick users into giving up their personal information. The rise of malicious exploitation of video content, as seen in this recent cryptoscam on YouTube, adds another layer of deception, making it even more difficult for users to distinguish between what’s real and what’s not. It’s essential users take proactive steps to secure their accounts and data, such as using strong passwords, two-factor authentication, and reliable security solutions,” comments Roman Dedenok, a security expert at Kaspersky.
To stay protected from such threats, users are advised to use strong and unique passwords, set up two-factor authentication, be cautious of suspicious emails and messages and verify the authenticity of sources among other safety measures.