Scammers use YouTube comments to lure victims
Kaspersky researchers have uncovered an unusual scheme in which bad actors promote fake crypto services on YouTube.
The attackers choose trending videos on YouTube and leave comments promoting a fake “breach” in the crypto market. To make their message more visible, they falsify statistics in comments, and place bot replies to amplify the initial comment.
The comment encourages viewers to visit the scammer’s own YouTube channel and watch a video that gives instructions on how to benefit from an apparent exchange rate bug.
In addition, the video is clearly fabricated, as the the edits in the exchange rate rows are visible to the naked eye, and the comments are packed with overly-positive feedback.
Once a user arrives on the Web page linked in the description, the victim sees a facility to exchange bitcoin, however, if they use it, they will never see this money again, as the service is fake.
The link under the video leads to fraudulent exchanger, Kaspersky says. However, users may not notice that this video is the only one published on the channel until they realise they have been taken for a ride.
According to the security giant, crypto-currency is going through a turbulent time, and with many rates unstable, crypto scammers have to find new ways to hook their victims.
Mikhail Sytnik, a security expert at Kaspersky, says a constant drop in exchange rates is seeing crypto-currency facing hard times.“Those who want to buy currency at the best price are frequently being targeted by fraudsters.”
Sytnik says Kaspersky’s recent investigation reveals that today attackers resort to new, and more mainstream ways to reach their victims, even taking their YouTube preferences into account. “We strongly recommend users carefully check the crypto resources they turn to, and to not rely to random comments on YouTube.”
Better than cure
In addition, to avoid these scams, save money and keep personal data private, Kaspersky advises to check any link before clicking. “Hover over it to preview the URL and look for misspellings or other irregularities. It’s also good practice to only enter a username and password over a secure connection. Look for the HTTPS prefix before the site URL, indicating the connection to the site is secure.”
Also, fake emails and Web sites are crafted to look just like genuine articles. “It depends on how well the criminals did their homework. The hyperlinks will most likely be incorrect, with spelling mistakes. However, the links can also be disguised to look like valid links and redirect you to a different page, impersonating the legitimate site.”
The company also advises to protect your data and finances, by making sure any online checkout and payment page is secure. The Web page’s URL must begin with HTTPS instead of the usual HTTP, and an icon of a lock will also typically appear beside the URL. In some browsers, the address bar will be green, so if you don’t see these features, do not proceed.”
Finally, he advises to use a trusted security solution that can help to check the security of any URL being visited and one which offers the ability to open any site in a protected container to prevent theft of sensitive data, including financial details.