Have you heard of the cryptocurrency scam giveaway on Youtube? There are definitely several Youtube channels that have recently been hacked and used to scam everybody, especially their users, regular viewers, and bike viewers walking around Youtube who may believe those lies.
And mostly because of its feature of being anonymous, it’s linked to cryptocurrency; hackers would not be easily captured by authorities because they didn’t disclose something specific such as names, addresses, or address. Even, due to its quick method of earning, but don’t get me wrong investing in cryptocurrency is a win or lose ratio of 50:50, but by following wrong decisions and wrong people, most people get dumped and lost their funds.
As explained in this guide, what those scammers normally do is buy a lot of YouTube views. That gives them a certain amount of legitimacy, making it easier for their scams to fall prey.
Back to the subject.
First, their way of scamming is: they’re going to find a target. A Youtube channel with thousands or even millions of subscribers, especially a checked account with a check mark next to the name of the YouTube channel. Hackers will change the name of the channel to a popular celebrity, influencer, a wealthy business man, or a renowned company that will look credible until they get access to this channel using various hacking techniques, like social engineering. And live on Youtube and fake giveaway deals, e.g. “Send 0.1 BTC to this wallet address, and we’re going to send 0.5 BTC back” seems true, right? *insert sarcasm. *insert sarcasm. This giveaway scam looks like the Youtube screen captured below.
Remember, be wary of being too good to be genuine deals, most of which are scams.
If you are one of the YouTube Vloggers, or if you are the person in charge of maintaining your company’s YouTube channel. I’m sure that you don’t want to become one of these malicious people’s victims. We advise you to take these four basic steps in order to protect your YouTube channel:
Develop a secure password
And don’t share yourself. A combination of upper and lower case letters, numbers, and special characters is a safe and powerful password. Never use an obvious password similar to your anniversary email, name, and birthday, GF/BF, or wife/husband.
With a good password, at least for brute force and dictionary attacks, your account would be too difficult to hack. And do not ever share with anyone your passwords.
Enable Verification in 2-Step
You need to allow this on your Google account as an extra layer of protection for your account. This works as you will receive a verification code from Google any time you log in to your registered mobile number or to your other computer that is currently logged in to your account.
If you enter an incorrect authentication code, you can’t log in to someone who has a copy of your password.
Delete your YouTube Channel access
Two or more users, particularly a company or a brand, can manage YouTube channels; you can also add access to your other Google account as a person. You have to periodically review this. Check if they are right on your Youtube account under the Settings on your dashboard, as this decides who has access to your YouTube channel.
Stop scams including Phishing and Malware
There are various kinds of phishing attacks for more information. It requires the use of email, SMS messages, phone calls, etc. But one thing that is similar to this attack is that you would be drawn to enter your account login information using a mobile app or website such as your username, email, password, worst is your credit card, or bank account information.
How can this be avoided?
Ask yourself first, why?
Why did you receive a message from Youtube, or from Google, Facebook, your bank, or your registered website? I’m sure you need an answer to this issue, but don’t ever click on any links embedded in the post.
So, secondly, if you have received a message from your account, please check the email if the domain name actually comes from their official website.
Prevent phishing on your Youtube account
Now, if the attacker uses email spoofing in which the address of the sender looks the same as the original, then it is difficult to identify.
Third, by verifying the checked badge, go to their social media accounts such as Facebook, Twitter, or Instagram and make sure that it is the official account. Check if you have a post about the message you got and verify it on your own.
You should report it to their website or social media accounts if you think the message you received is phishing, so that they are aware of the attack and take necessary action against it and mark the email as spam.
Regardless of the account you are registered on, to avoid being compromised, always check the authenticity of the message you got from email, SMS by going to their website or social media accounts. If it is really the domain of the website, look at the URL address on the post. Be skeptical of shorteners for ties. Finally, avoid clicking attached links, only copy the link, and check for it for verification on Google.