The Websense Security Labs ThreatSeeker Network has revealed that clicking on the link in the email directs the user to a user (spammer) profile on a legitimate YouTube site. When users visit the profile page, they are encouraged to visit the spammers's advertised domain.
Websense claimed that user invites sent within YouTube containing URLs to spam sites have been used in the past, as well as emails that spoof YouTube user invites but contain a link directly to the spam site.
However this time, spammers and malware authors are combining to send out spoofed YouTube user invites that link to a profile on the legitimate YouTube website. The spam link is then advertised on that profile.
From a spammer's perspective, the chance of success is increased with such attacks, because they make use of the clean reputation of YouTube services.
See original article on scmagazineus.com