Fraudsters to Impersonate YouTube Email address and Send Phishing Emails

If you receive an email from no-reply@youtube.com claiming changes to YouTube’s rules and policies, urging you to review detailed information, would you follow the prompt and click the link provided?

Ordinarily, users may not pay much attention to notifications regarding rule adjustments; however, some individuals, particularly YouTube creators, may investigate further, especially when the email address appears to be official.

no-reply@youtube.com is one of the email addresses YouTube employs for official notifications, and in Gmail, it is verified as authentic.

Recently, YouTube discovered that fraudulent groups have been abusing the video-sharing mechanism to send phishing emails to users.

The exploitation method is straightforward: create a deceptive video titled “Changes in YouTube rules and policies,” share it with target users using the sharing mechanism, and include a description. At this point, YouTube sends an email to the target users via no-reply@youtube.com, and upon opening the email, the video title is displayed, creating the appearance of legitimacy.

The fraudsters instruct users to click on a Google Drive link to download a file, which contains a virus. The ultimate goal is to install the virus-laden file and gain control of the user’s PC.

YouTube has intervened and launched an investigation upon receiving user feedback. They are currently monitoring such sharing mechanisms to prevent fraudulent groups from exploiting YouTube for scams.