Story image

ESET offers tips to phish out fakes on back of YouTube scam

05 Sep 14

Security company ESET is warning internet users to be even more vigilant for phishing scams, which it says are becoming increasingly complex and difficult to distinguish from genuine emails.

The warning comes as emails circulate, purporting to be from YouTube.

The email, which claims to be from the YouTube account manager, says due to 'repeated or severe violations' of YouTube guidelines the users account will be suspended in three days.

“After careful review we determined that activity in your account violated our community guidelines, which prohibit spam, scams or commercially deceptive content. Please be aware that you are prohibited from accessing, possessing or creating any other YouTube accounts.”

It then requests the recipient complete an online survey, in order to prove they're not a bot.

ESET says in some cases, recipients of the emails are also being asked to provide their phone number.

The security company says phishing scams are getting more complex and harder to distinguish from legitimate sources.

Mark James, ESET security specialist, says phishing emails often use methods such as penalties for not taken action or rewards for following links, and sometimes topics that offend easily, effectively encouraging you to not take advice for fear of being judged or even prosecuted.

However, he says are ways to spot the fake emails.

“Firstly most companies will have layers of procedures before sending out emails - especially intent of termination emails - that are proofread and checked over again before being sent.

“Also look to see who its written to, if it is about a service that’s going to be cancelled then it should be directed to you not 'Dear customer' or 'Dear user'. They want your business and its important for you to feel your important.

“Check the sending email address. Don’t be fooled by the company name if it appears in the address, look to see if it looks right, most organisations want you to remember their details, so a long winded email address from PayPal with “pay” and “pal” in there somewhere won’t be from them.

“Look for unrealistic threats – if it’s going to happen in 24 hours, or some other short time period, chances are it’s fake,” James says.

He warns not to open any attachments, regardless of how enticing they seem.

“If you need to fill a form out to continue the service you are okay to call the company and ask them to mail the form to you. At that point you can verify if it is legitimate.

“Don't follow any links. If the email has a link, then check to see not only what it says but move your mouse over it and see where it goes.”

To find out more, visit the Eset website.