A scam campaign is using profiles from YouTube to advertise products and services.
The Websense Security Labs ThreatSeeker Network has revealed that clicking on the link in the email directs the user to a user (spammer) profile on a legitimate YouTube site. When users visit the profile page, they are encouraged to visit the spammers's advertised domain.
Websense claimed that user invites sent within YouTube containing URLs to spam sites have been used in the past, as well as emails that spoof YouTube user invites but contain a link directly to the spam site.
However this time, spammers and malware authors are combining to send out spoofed YouTube user invites that link to a profile on the legitimate YouTube website. The spam link is then advertised on that profile.
From a spammer's perspective, the chance of success is increased with such attacks, because they make use of the clean reputation of YouTube services.
See original article on scmagazineus.com
YouTube profiles used by scammers
By
Dan Raywood
on
Sep 26, 2008 9:59AM
A scam campaign is using profiles from YouTube to advertise products and services.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see