YouTubers being hacked is nothing new, you may have even had some close calls with your account being compromised. The most common method hackers use to gain access to YouTube accounts is through phishing. Phishing is a deceptive tactic where scammers trick you into providing your login details by pretending to be a trusted source. However, we’ve recently seen some more sophisticated attempts to hack YouTube accounts, and we’ll show you exactly what steps you need to take to keep your account secure.
This Email Looks Legit, Right?
At first glance, this email looks like a real message sent directly from YouTube… and guess what? It is. Anytime a Private video on YouTube adds your email address for viewing privileges, YouTube sends a legitimate email notification to confirm this.
This is exactly the tactic hackers are now using to trick users. The real ‘hack’ comes from the video linked in the email. It’s a real YouTube video that falsely claims you need to make account changes to continue monetizing your videos. The phishing scam takes place in the next step.
The video instructs you to follow the links in the description to confirm the updates, but the links actually lead to an advanced method of stealing your account information.
While some scams are highly sophisticated like this, most fake emails have telltale signs that give them away. Here are 3 simple ways to spot a phishing attempt:
1. The Sender’s Email Address Looks Suspicious
Hackers often use email addresses that appear similar to legitimate companies but have small misspellings or extra characters. For example, an email from "support@amaz0n.com" instead of "support@amazon.com" is a red flag. Always check the full sender address before clicking on anything.
2. Urgency or Threatening Language
Phishing emails frequently pressure you to act immediately, claiming your account will be locked or you’ll face legal consequences if you don’t respond. If an email demands quick action and tries to scare you, take a step back and verify its legitimacy. Searching up the company in question and sending them an email directly could be a good way to confirm any urgent issues.
3. Suspicious Links and Attachments
Hover over any links before clicking. If the URL looks strange, unrelated to the company, or has a lot of random characters, it's likely a phishing attempt. Similarly, unexpected attachments, especially ZIP files or Word documents can contain malware. When in doubt, avoid downloading anything and verify directly with the company.
You can also copy any suspicious links (without opening them) and paste them on a site like NordVPN’s link checker: https://nordvpn.com/link-checker/.
By keeping an eye out for these red flags, you can significantly reduce your chances of falling for a phishing scam. The key is to stay cautious, double-check sources, and never rush into clicking links or providing personal information.
If you have more questions about keeping your account safe and protected, please contact us.
