Scammers recently hijacked three YouTube channels and used them to collect nearly $150,000 in cryptocurrency. They used these stolen channels to impersonate the official SpaceX YouTube channel. The hijackers played fake live stream interviews with Elon Musk, founder and CEO of SpaceX, while promoting bogus cryptocurrency giveaways. These giveaways are based on an old-school scamming tactic in which cyber criminals ask for a small payment while promising a large payout for the so-called investment.
This scam was successful for two main reasons: First, using existing YouTube channels gave the cybercriminals a large, trusting audience of subscribers. Second, the scammer’s “investment offer” appeared to be coming from the well-known, tech-savvy billionaire, Elon Musk–rather than from a random stranger–so it seemed to be more legitimate.
Here’s what we can learn from this scam:
- If something seems too good to be true–like an unbelievable investment opportunity–it probably is! Question everything.
- Whether it’s a phony website, a disguised email address, or a hijacked YouTube channel, anyone and anything can be spoofed.
- Experts speculate that the scammers gained access to these YouTube channels through a data breach of a different website. This is a great example of why you must use a different password for every login.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.