France-based cybersecurity company, VadeSecure, has recently revealed a new way through which cyber hackers have started targeting creators. Based on the report released by the company, YouTube attribution links were being used as the latest way to outsmart email security systems.
While explaining how the new phishing campaign works, the company said that threat actors would send out emails to a number of users telling them that their password for Microsoft 365 was no longer valid and needed to be verified. Under the text, the hackers would leave an option to keep using their old password. Along with the option, a YouTube attribution link would also be attached, and if by any chance the user ends up clicking on the link, they will quickly be redirected to a webpage where the scammer will be waiting for them.
According to VadeSecure, after opening the link, users will first view a YouTube page, and later on they will be shifted to another site hosting CAPTCHA from Cloudfare. Following the redirect, if the user taps on CAPTCHA, a webpage will appear in front of their screen pretending to be an official site of Microsoft 365. The page would ask users to log in to their Microsoft account to continue with their old password; once the credentials have been entered, the data will be shared with scammers who will take over the user’s account.
What seems to be concerning is that these attacks appear to be more realistic. Usually, grammatical errors were present in such emails, making it obvious that the user was being targeted and the attack could be prevented, but now the company revealed that such emails were free from any grammatical error, which makes it difficult to identify as a scam.
Furthermore, the use of real services, such as YouTube attribution links or Cloudfare, to lure in victims makes the email and the whole process appear more realistic. The report said that in just 30 days, the company came across over 1,000 emails that were meant to target a number of users. In order to prevent themselves from becoming victims, it is important to not trust any email hosting such links.
Read next: New Study Proves Millions Of Dollars Go Missing Each Day Due To Cryptocurrency Crimes
While explaining how the new phishing campaign works, the company said that threat actors would send out emails to a number of users telling them that their password for Microsoft 365 was no longer valid and needed to be verified. Under the text, the hackers would leave an option to keep using their old password. Along with the option, a YouTube attribution link would also be attached, and if by any chance the user ends up clicking on the link, they will quickly be redirected to a webpage where the scammer will be waiting for them.
According to VadeSecure, after opening the link, users will first view a YouTube page, and later on they will be shifted to another site hosting CAPTCHA from Cloudfare. Following the redirect, if the user taps on CAPTCHA, a webpage will appear in front of their screen pretending to be an official site of Microsoft 365. The page would ask users to log in to their Microsoft account to continue with their old password; once the credentials have been entered, the data will be shared with scammers who will take over the user’s account.
What seems to be concerning is that these attacks appear to be more realistic. Usually, grammatical errors were present in such emails, making it obvious that the user was being targeted and the attack could be prevented, but now the company revealed that such emails were free from any grammatical error, which makes it difficult to identify as a scam.
Furthermore, the use of real services, such as YouTube attribution links or Cloudfare, to lure in victims makes the email and the whole process appear more realistic. The report said that in just 30 days, the company came across over 1,000 emails that were meant to target a number of users. In order to prevent themselves from becoming victims, it is important to not trust any email hosting such links.
Read next: New Study Proves Millions Of Dollars Go Missing Each Day Due To Cryptocurrency Crimes
