If an email sounds too good to be true, we’ve learned to dismiss it as phishing or otherwise fraudulent, even if it managed to evade the email client’s junk filters. However, I’ve seen a rise of new type of automated emails that deserve a closer look, as they behave quite differently from your average spam. These emails are from seemingly legitimate businesses, targeting specific email addresses associated with Instagram Creator accounts, and offering some type of an influencer marketing deal.
Global influencer marketing spend is growing rapidly, and Instagram grabbed a lion share – 8 billion dollars – of it during 2020. So, it’s not out of the question for even smaller Creator accounts to get approached by (smaller) brands, but there’s definitely something fishy about the following emails. Let’s look at some examples.
Continue reading “The Curious Case of Automated Instagram Influencer Sponsorship Emails”
Last year I took a first look at a phishing campaign that was interestingly targeting YouTube channel owners’ email addresses. The aim of the campaign was to guide people to fake YouTube sign in page and phish their login credentials. Note, this did not target YouTube accounts in general, but actual channels. These were my main findings:
- Despite being hilariously obvious, first four of these were not caught by ProtonMail’s spam filter
- Out of several YouTube channels I manage, only one has been targeted
- Same email was CC’d to others
- Unclear where they have found my email address
- Senders’ email service providers started as Russian. Little to no typosquatting involved.
- After few iterations, phishing content seems to have reached its final form (for now)
The campaign came in a burst, stopping as suddenly as it had started. Now after a couple of months it has started again, and it’s time to re-examine what has changed.
Continue reading “YouTube Channel Phishing, Part 2: The Enemy Evolves”
During past few months I’ve witnessed and been targeted by rather simple, but still interesting phishing campaign. Well, not me personally, but instead a YouTube channel that I run. This campaign has noticeably sped up in November, so I decided to take a closer look at these phishing emails and share with you my findings.
Continue reading ““YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look”