A YouTube scam where users are threatened with suspension for an unspecified “violation” of the video site’s guidelines has been circulating via email, according to Softpedia’s report.
The phishing YouTube scam is common enough to be causing users to raise questions on Google Groups, according to the site’s report.
The YouTube scam email reads, “We’d like to inform you that due to repeated or severe violations of our community guidelines and your YouTube account will be suspended 3 days from the time of this message.”
YouTube scam: Trap leads to surveys
This form of scam is more common on Facebook, Softpedia notes. Other We Live Security reports describe such typical Facebook scams. As with Facebook, it’s likely that multiple variants of the scam email are circulating, so the text may vary.
The particular variant seen by Softpedia continues, “After careful review we determined that activity in your account violated our community guidelines, which prohibit spam, scams or commercially deceptive content.
“Please be aware that you are prohibited from accessing, possessing or creating any other YouTube accounts.”
YouTube scams: What to do
ESET security specialist Mark James says, “The problem with phishing emails is that it's their job to trick you into thinking they are legit, often using the same graphics or templates from legitimate emails from real companies.”
“The methods they use include rewards for following links, penalties for not taking action and sometimes topics that offend easily forcing you not to take advice for fear of being judged or even prosecuted.”
In this case, Softpedia says, the link in the emails directs the users to a series of surveys, some of which ask for the user’s phone number - which can lead to further SMS scams.
James says, “There are many ways to spot these false emails, firstly, most companies will have layers of procedures before sending out emails (especially intent of termination emails) that are proofread and checked over again before being sent, also look to see who its written to, if it is about a service that’s going to be cancelled then it SHOULD be directed to YOU not "Dear customer" or "Dear user". They want your business and its important for you to feel your important.
“Check the sending email address. Don’t be fooled by the company name if it appears in the address, look to see if it looks right, most organizations want you to remember their details, so a long winded email address from PayPal with "pay" and "pal" in there somewhere won't be from them, look for unrealistic threats - if it’s going to happen in 24 hours, or some other short time period, chances are it’s fake.”
“DON’T open any attachments regardless of how enticing they seem, if you need to fill a form out to continue the service you are okay to call the company and ask them to mail the form to you, at that point you can verify if it is legitimate. DON’T follow any links, if the email has a link then check to see not only what it says but move your mouse over it and see WHERE it goes.”
A detailed We Live Security guide to the latest phishing scams (and how to avoid them) can be found here.