YouTube Phishing Alert: AI-Generated CEO Videos Used to Steal Creator Accounts

YouTube has issued an urgent warning to its creators about a sophisticated phishing campaign. Scammers are now using AI-generated videos featuring CEO Neal Mohan to trick users into handing over their account credentials.

The Phishing Tactic:

Attackers are sending targeted emails to creators, sharing a private video that appears to show the YouTube CEO announcing changes to the platform’s monetization policies. This video is often AI-generated, making it difficult to distinguish from legitimate communications.

According to YouTube’s official announcement, “We’re aware that phishers have been sharing private videos to send false videos, including an AI generated video of YouTube’s CEO Neal Mohan announcing changes in monetization.”

Key Warning Signs:

• Private Video Invitations: YouTube has emphasized that it will never contact users or share important information through private videos. Any video shared privately claiming to be from YouTube should be treated as a phishing scam.
• Monetization Policy Changes: The emails often falsely claim that YouTube is changing its monetization policy, prompting users to take immediate action.
• Suspicious Links: The videos or emails contain links that redirect to fake login pages designed to steal your YouTube account credentials. One such page is studio.youtube-plus[.]com, which mimics the legitimate YouTube Studio interface.

Example of a Phishing Landing Page:

(Image: BleepingComputer)

How the Scam Works:

1. Enticement: Creators receive an email with a private video link, seemingly from YouTube.
2. Urgency: The email creates a sense of urgency, claiming that accounts will be restricted within seven days if compliance with the new terms isn’t confirmed. These restrictions allegedly include limitations on uploading, editing, monetization, and fund access.
3. Credential Theft: Upon clicking the link, creators are directed to a fake login page where they are asked to “confirm the updated YouTube Partner Program (YPP) terms.” Entering their credentials on this page sends their information directly to the scammers.
4. False Confirmation: After entering credentials (even fake ones), users are told their “channel is now pending” and are instructed to “open the document in the video description for all the necessary information.”

Protecting Your YouTube Account:

• Never click on links in private videos or suspicious emails. Always navigate directly to the YouTube website or YouTube Studio through your browser.
• Verify the sender: Double-check the sender’s email address to ensure it’s a legitimate YouTube address (e.g., ending in @youtube.com or @google.com).
• Enable two-factor authentication (2FA): This adds an extra layer of security to your account, making it more difficult for hackers to gain access even if they have your password.
• Report suspicious activity: If you receive a suspicious email or video, report it to YouTube immediately.

What to Do If You’ve Been Scammed:

1. Change your password immediately: Use a strong, unique password that you don’t use for any other accounts.
2. Enable 2FA: If you haven’t already, enable two-factor authentication on your Google account.
3. Review your account activity: Check for any unauthorized changes to your channel, such as new videos, altered settings, or suspicious links.
4. Contact YouTube support: Report the incident to YouTube support and provide them with as much information as possible.

YouTube’s Support Resources:

• Avoiding and reporting phishing emails: https://support.google.com/mail/answer/8253
• Details on similar phishing campaigns: https://support.google.com/faqs/answer/14329556
• Hacked account support: https://support.google.com/youtube/thread/292206327

Stay Vigilant:

Phishing scams are constantly evolving, so it’s crucial to stay informed and be cautious about any unsolicited emails or videos you receive. By following these tips, you can help protect your YouTube account and avoid becoming a victim of these malicious attacks.