Saturday, October 19, 2019
  • Malvertising on Legitimate Websites, Even The New York Times
  • What is Multi-Factor Authentication (MFA)?
  • Delphix Partner Spotlight on FWD View
  • Get Your Cybersecurity Firing on All Cylinders
  • 7 Cybersecurity Attacks That Can Hurt Your Business and Customers

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Security Bloggers Network 

Home » Cybersecurity » Data Security » YouTube Attacks to Watch Out For in 2019

YouTube Attacks to Watch Out For in 2019

by Tripwire Guest Authors on June 11, 2019

YouTube, the world’s top provider of streaming multimedia content, keeps reaching new heights in terms of its popularity. Nearly two billion monthly users and five billion videos watched every single day – these impressive statistics speak for themselves, and the numbers are steadily growing year over year. Everybody loves YouTube and so do cybercriminals, only in their very own nefarious way.

Malicious actors are lured by the soaring audiences of this service, hence the potentially huge attack surface and a goldmine of opportunities.

However, compromising the IT architecture of such an advanced technology giant is a hardly feasible objective, even for high-profile crooks with tons of offensive resources at their disposal. The exploitation vectors, therefore, mostly boil down to social engineering scams, but the tactics are more sophisticated than posting fraudulent hyperlinks in comments under viral videos.

The two most common types of attacks include hoaxes targeting YouTube channel owners and ones that zero in on ordinary visitors who routinely visit the service to watch videos of interest.

Let’s see what scams are currently dominating this particular cybercrime ecosystem.

Malefactors wheedling out YouTubers’ passwords

Fraudsters may impersonate YouTube support to dupe active users into disclosing their credentials.

One of the latest attempts that gained a great deal of publicity was reported in early May 2019. The owner of a fairly popular YouTube channel called TeslaJoy received a phishing email from a sender claiming to be the “YouTube Team.” This message was camouflaged as an alert regarding multiple violations allegedly detected during the site’s account review process.

The con artist further emphasized that they needed a more in-depth analysis to sort out the issue. In order to expedite the process, the targeted YouTuber was instructed to provide additional details, including the channel password. Obviously, a genuine support team would (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/youtube-attacks/

June 11, 2019June 12, 2019 Tripwire Guest Authors Cybersecurity, fake survey, IT Security and Data Protection, malicious actor, scam, YouTube
  • ← Vulnerability Management Program best practices
  • Visit Bromium at 614Con, June 13-14, 2019 →
Learn more at DevOpz.io

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

To Determine Insider Threat Risk, Chart It Out
Getting on Top of Enterprise Cyber Risk Management
Sudo Read This Warning About LPE Bug in Sudo
Hackers Impersonating Other Hacker Types
Health Care and HIPAA-Compliant Data Storage
Phishing Tool Analysis: Modlishka
Is Business Email Compromise a “cyber attack?”
"Welcome to Video" raid leads to 337 arrests due to Bitcoin Exchanges that use strong KYC
Top 10 Website Hardening Tips
Most Americans Don’t Know What 2FA is, Pew Research Shows

Upcoming Webinars

Mon 21

Open Source Security – Weighing the Pros and Cons

October 21 @ 1:00 pm - 2:00 pm
Wed 23

6 Essential Steps to Avoid Container Security Vulnerabilities

October 23 @ 11:00 am - 12:00 pm
Tue 29

Software-Defined Segmentation Done Easily, Quickly and Right

October 29 @ 1:00 pm - 2:00 pm
Nov 07

Don’t Let Vulnerabilities Create a Hole in Your Organization

November 7 @ 11:00 am - 12:00 pm
Nov 14

Top Cybersecurity Threats and How SIEM Protects Against Them

November 14 @ 11:00 am - 12:00 pm
Nov 18

Scaling DevSecOps

November 18 @ 1:00 pm - 2:00 pm
Nov 19

SAP Concur’s Cloud Journey

November 19 @ 1:00 pm - 2:00 pm
Dec 09

Cloud Security – Keeping Serverless Data Safe

December 9 @ 11:00 am - 12:00 pm

More Webinars

Download Free eBook

The State of DevSecOps

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Hybrid Cloud’s Impact on Financial Services Security
Cloud Security Cybersecurity Industry Spotlight Security Boulevard (Original) 

Hybrid Cloud’s Impact on Financial Services Security

October 18, 2019 Steven Totman | Yesterday 0
GDPR: One Year On, Lessons Learned
Cybersecurity Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) 

GDPR: One Year On, Lessons Learned

October 18, 2019 Charlene O’Hanlon | Yesterday 0
A Guide to Finding a Trusted MSSP
CISO Suite Cybersecurity Featured Industry Spotlight Network Security Security Boulevard (Original) Spotlight 

A Guide to Finding a Trusted MSSP

October 17, 2019 Craig DAbreo | 2 days ago 0

Top Stories

Okta Enables Entire Organization to Participate in Cybersecurity Defense
Cybersecurity Featured News Security Boulevard (Original) Spotlight Threat Intelligence 

Okta Enables Entire Organization to Participate in Cybersecurity Defense

October 16, 2019 Michael Vizard | 2 days ago 0
Sudo Read This Warning About LPE Bug in Sudo
Application Security Cybersecurity Featured Identity & Access News Security Boulevard (Original) Spotlight 

Sudo Read This Warning About LPE Bug in Sudo

October 16, 2019 Richi Jennings | 3 days ago 0
iTunes for Windows Zero-Day Exploited for Ransomware
Application Security Cybersecurity Data Security Featured Malware News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

iTunes for Windows Zero-Day Exploited for Ransomware

October 14, 2019 Richi Jennings | Oct 14 0

Security Humor

via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Hass at Little Bobby Comics .

Robert M. Lee’s & Jeff Hass’ Little Bobby Comics, ‘Power Grid’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.