Tag: YouTube

Uncovering a long-lasting porn spam campaign on YouTube (NSFW, maybe)

Uncovering a long-lasting porn spam campaign on YouTube (NSFW, maybe)

In December 2022 I stumbled upon an interesting YouTube comment-based campaign, which promoted a shady camgirl / porn website through a clever use of YouTube features. I screengrabbed some video evidence and took a quick look at the campaign, but didn’t have time to dig any deeper.

I had forgotten the whole thing until in late April 2023 I saw the same campaign still going strong, still using exactly the same vectors in YouTube, still promoting the same site.

And this time I took a closer look, going through the rabbit hole of sus af adult website promotion. For science!

Continue reading “Uncovering a long-lasting porn spam campaign on YouTube (NSFW, maybe)”

Social Media Countermeasures – Battling Long-Running Scams on YouTube, Facebook, Twitter and Instagram

Social Media Countermeasures – Battling Long-Running Scams on YouTube, Facebook, Twitter and Instagram

For the past few years, I’ve been documenting, screenshotting, and sharing examples of criminal campaigns on the three big social media platforms: Facebook, YouTube and Twitter. I’m not that interested in speculating whether or not something is fake content, falsely amplified by nation-state sponsored threat actors (i.e. coordinated inauthentic behavior), but instead I’ve been focusing on two (a lot less media-sexy) themes:

  1. low-tier criminals using these platforms to promote their services
  2. so called “support scams” targeting mainly Facebook page owners

What is common across these two is the fact that they keep getting through social media platforms’ automatic filtering. I call this filtering – the good-willed type, not the censorship type – social media countermeasures. A term I think I picked up from Destin who runs Smarter Every Day YouTube channel, but I haven’t really seen it used. In a nutshell, social media platforms are trying to create countermeasures to prevent malicious behavior on their platform, and at the same time cyber criminals are developing counter-countermeasures to bob and weave their way around detection and filtering. Sometimes these criminals simply operate in a grey area not covered explicitly by a platform’s Terms of Service, making developing effective countermeasures even harder. Let’s take a look at few examples.

Continue reading “Social Media Countermeasures – Battling Long-Running Scams on YouTube, Facebook, Twitter and Instagram”

YouTube Channel Phishing, Part 2: The Enemy Evolves

YouTube Channel Phishing, Part 2: The Enemy Evolves

Last year I took a first look at a phishing campaign that was interestingly targeting YouTube channel owners’ email addresses. The aim of the campaign was to guide people to fake YouTube sign in page and phish their login credentials. Note, this did not target YouTube accounts in general, but actual channels. These were my main findings:

  • Despite being hilariously obvious, first four of these were not caught by ProtonMail’s spam filter
  • Out of several YouTube channels I manage, only one has been targeted
  • Same email was CC’d to others
  • Unclear where they have found my email address
  • Senders’ email service providers started as Russian. Little to no typosquatting involved.
  • After few iterations, phishing content seems to have reached its final form (for now)

The campaign came in a burst, stopping as suddenly as it had started. Now after a couple of months it has started again, and it’s time to re-examine what has changed.

Continue reading “YouTube Channel Phishing, Part 2: The Enemy Evolves”

“YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look

“YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look

During past few months I’ve witnessed and been targeted by rather simple, but still interesting phishing campaign. Well, not me personally, but instead a YouTube channel that I run. This campaign has noticeably sped up in November, so I decided to take a closer look at these phishing emails and share with you my findings.

Continue reading ““YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look”

How to Create a New YouTube Channel for Your Business [+ Proven Checklist]

How to Create a New YouTube Channel for Your Business [+ Proven Checklist]

Internet is full of guides on how to create a YouTube channel, but none of them helped me when our company had reached the point where we realized that one YouTube channel simply wasn’t enough. Whether you’re in the process of creating the first channel for your business, or maybe in similar situation that we were, it doesn’t matter, as this checklist will be suitable for you nevertheless.

(This guide was updated in December 2020 to reflect the changes in YouTube Studio. All links should be fixed now.)

Continue reading “How to Create a New YouTube Channel for Your Business [+ Proven Checklist]”