Story image

ESET offers tips to phish out fakes on back of YouTube scam

06 Sep 14

Security company ESET is warning internet users to be even more vigilant for phishing scams, which it says are becoming increasingly complex and difficult to distinguish from genuine emails.

The warning comes as emails circulate, purporting to be from YouTube.

The email, which claims to be from the YouTube account manager, says due to 'repeated or severe violations' of YouTube guidelines the users account will be suspended in three days.

“After careful review we determined that activity in your account violated our community guidelines, which prohibit spam, scams or commercially deceptive content. Please be aware that you are prohibited from accessing, possessing or creating any other YouTube accounts.”

It then requests the recipient complete an online survey, in order to prove they're not a bot.

ESET says in some cases, recipients of the emails are also being asked to provide their phone number.

The security company says phishing scams are getting more complex and harder to distinguish from legitimate sources.

Mark James, ESET security specialist, says phishing emails often use methods such as penalties for not taken action or rewards for following links, and sometimes topics that offend easily, effectively encouraging you to not take advice for fear of being judged or even prosecuted.

However, he says are ways to spot the fake emails.

“Firstly most companies will have layers of procedures before sending out emails - especially intent of termination emails - that are proofread and checked over again before being sent.

“Also look to see who its written to, if it is about a service that’s going to be cancelled then it should be directed to you not 'Dear customer' or 'Dear user'. They want your business and its important for you to feel your important.

“Check the sending email address. Don’t be fooled by the company name if it appears in the address, look to see if it looks right, most organisations want you to remember their details, so a long winded email address from PayPal with “pay” and “pal” in there somewhere won’t be from them.

“Look for unrealistic threats – if it’s going to happen in 24 hours, or some other short time period, chances are it’s fake,” James says.

He warns not to open any attachments, regardless of how enticing they seem.

“If you need to fill a form out to continue the service you are okay to call the company and ask them to mail the form to you. At that point you can verify if it is legitimate.

“Don't follow any links. If the email has a link, then check to see not only what it says but move your mouse over it and see where it goes.”

To find out more, visit the Eset website.

Human assets the key to a successful digital transformation
Y Soft's Martin de Martini says it's vital that organisations continue to train and motivate their employees.
New blockchain solution aims to keep our food ethical
OpenSC enables anyone to scan product QR codes which automatically takes them to information about where a specific product’s journey.
Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Office workers frustrated by poor information management systems
82% of workers believe poor information management is damaging their productivity in the workplace.
Jobs 'aplenty' for freelance writers, devs & ecommerce specialists?
Jobs tagged with the keyword ‘writing’ took the top spot as the fastest moving job in 2018.
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.