- In today’s world, videos are popular among all age groups. Cybercriminals are leveraging this popularity to deliver malware.
- There are a variety of attacks involving videos such as adding malicious links in video descriptions or embedding malware in a Word document containing a video.
The latest YouTube scam
Recently, researchers identified a new scam on YouTube that delivers information-stealing malware.
- The particular video promotes a tool that can apparently generate a private key for a bitcoin address.
- This key is claimed to offer access to the bitcoins in the address.
- The video’s description provides links to download the tool. When users download from the link, Predator the Thief information-stealing Trojan is installed on the machine.
Why is video a lucrative social engineering bait?
With a number of sites and independent creators offering videos for informational, educational, and entertainment purposes, the popularity of such videos has shot up.
- Many users believe that all videos are trustworthy and don’t think twice before playing them.
- This belief is misused by criminals who use videos to deliver malware to systems.
What can you do?
With diverse attacks involving videos in the cyberspace landscape, users must exercise caution with videos.
- The basic precaution is keeping yourself updated on the video scams reported.
- Adding malicious links in the video description and the comments section is a popular strategy. If a link promises the full version of a movie, there are chances of it being a part of a scam. Beware of any such link that seems suspicious.
- If a suspicious ad that promises free gifts pops up when you’re watching a video, it may lead you to a malware-infected site. Anything that is too good to be true has a high possibility of being a scam.