(PSA) A warning to YouTube creators, scammers have worked out an almost fool proof method of phishing your account

[wanderingfool2]

59 minutes ago, valdyrgramr said:

Well, the exploit is using Google Chat to get the domain to appear as Google.com when sent to Gmail from what I saw.  The scammer knew that, but I'm not sure if that's supposed to happen or not when their actual domain is completely different.   If it is intentional by Google, then that is a design flaw on their part.

It's not really an exploit...just a "feature" to alert you of messages while away...so very much intentional.  I've never been a fan of messaging services that also allow unsolicited chats (but that's just me) [for myself a request type should be made that shows the detailed information].

 

1 hour ago, valdyrgramr said:

He's also reported that one domain to Dreamhost, and said he hasn't heard back since they told him they were investigating.

There isn't much investigating really.  A typical scenario is they try figuring out of the domain is being used as spam and if so they remove it...but scammers can just pop up with a new domain, under another fake identity

[LinusTech]

On 7/28/2021 at 3:40 AM, Master Disaster said:

This is blowing up on YouTube ATM, I'll begin with a tweet that should show just how sophisticated this scam is...

 

Essentially the scammers have worked out a method of sending people emails that are originating from a genuine Google domain making them indistinguishable from authentic Google emails.

 

Details are a bit thin ATM but it seems as though the scammers are bouncing the emails through Google Chat and when they arrive in your inbox they look like they've come from Google (because they basically have). Then once you click the link provided it actually opens a session in Google Chat making it seem even more believable that you're really talking to Google.

 

Some Ordinary Gamers also received the email and was in the process of chatting to the scammers when he noticed the email of the person he was chatting to had an @account-support.com domain on their email.

 

If you receive an email from Google saying

its a scam. Ignore it.

 

Source -

 

 

 

EDIT ; 

 

looks like he missed the scammer's domain when chatting with him ;
 

 

Screenshot in case the Tweet get deleted ;
 

  Reveal hidden contents

 

Thanks for the heads up. Anthony saw and forwarded to me. I'll let the business team know.

[Jtalk4456]

20 hours ago, wanderingfool2 said:

Okay, so tell me, who is he suppose to call?  Tell me the number for YouTube Support....or even an email for YouTube Support.  Good luck searching

https://support.google.com/youtube/answer/3545535?hl=en
There you go, took 2 minutes to find. There's an email support link and if you're logged into an account in the Partner Program, there's a chat option that will show up.

[Spotty]

Surprised it hasn't been posted already, but Jim Browning uploaded a video showing how he fell for the scam.

 

 

[Arika]

2 hours ago, Spotty said:

Surprised it hasn't been posted already, but Jim Browning uploaded a video showing how he fell for the scam.

 

 

just watched this video. holy shit youtube's confirmation screens are vague as shit.

 

[Master Disaster]

I also just got a chance to watch Jims video and I stand by my original position.

 

Yes there were warning signs and yes, Jim certainly could (and probably should) have noticed however the entire thing was way more complex than just "delete your channel for us, thanks, Google".

 

Whoever pulled it off just showed the world the gold standard in how to socially engineer someone, even Jim himself admits how convincing the entire thing was (right up to the Google Forms link).

[Murasaki]

Glad Jim's channel is back, watched his and Muta's video. A good solution would be Google to fix their Chat app to not be able to impersonate @ google.com since thats what makes it so convincing. And of course the obvious above all.. awareness.

[Zodiark1593]

Jim Browning on Floatplane is quite the appealing idea right about now. Redundancy is always a good security layer.

Edited August 1, 2021 by Zodiark1593
Autocorrect typo

[Master Disaster]

Oh boy, someone else fell for this as well

 

[leadeater]

On 7/31/2021 at 2:06 PM, Jtalk4456 said:

https://support.google.com/youtube/answer/3545535?hl=en
There you go, took 2 minutes to find. There's an email support link and if you're logged into an account in the Partner Program, there's a chat option that will show up.

Youtube and Google support are notoriously bad. Having an email address or chat link isn't the same thing as those support channels actually being of any use. That's why Youtube partner managers are so important, a more direct line to an actual person that can help or get help.

[Jtalk4456]

1 hour ago, leadeater said:

Youtube and Google support are notoriously bad. Having an email address or chat link isn't the same thing as those support channels actually being of any use. That's why Youtube partner managers are so important, a more direct line to an actual person that can help or get help.

I can understand that, but the support does exist, and I was asked to find anything and implied no amount of searching would find it. I'm just saying options are there, they are possible to find, and even if they weren't, I'd NEVER trust an unsolicited support message saying they need me to delete my entire channel. If I couldn't find any support options, I'd simply ignore and assume spam over deleting my income stream without verifying it was actually them. For many, this might be convincing enough, but for a channel dedicated to identifying scams, this is simply poor practice.
Furthermore I'd like to challenge the argument of he had no good way to contact them. So we're saying that a company who is notoriously hard to contact, who is well known for making it harder for creators to make a living, THOSE guys are the ones who out of the blue REACHED OUT TO HIM to help him fix his adsense account?? I'm not buying it at all. Look, I'm not saying the guy's an idiot, we're all human. But for a dude supposedly making a living teaching people how to avoid scams, it's not good when he falls for a scam. Just the basic rule of contacting companies directly instead of trusting unsolicited and unexpected contact, that would have saved him from this whole debacle. If you went to a session with your personal trainer to find them on a recliner spooning ben and jerrys in with a large ice cream scoop surrounded by potato chips, you'd be reconsidering the gym membership. Sure you can say the food industry is contributing to obesity or that sodas shouldn't be able to lobby to reduce or stop health regulations, but at the end of the day your trainer made the decision to buy the chips and ice cream.

[leadeater]

1 hour ago, Jtalk4456 said:

Furthermore I'd like to challenge the argument of he had no good way to contact them. So we're saying that a company who is notoriously hard to contact, who is well known for making it harder for creators to make a living, THOSE guys are the ones who out of the blue REACHED OUT TO HIM to help him fix his adsense account??

Well Youtube is actually consistent in regards to enforcing policies like strikes, claims and guideline violations so them initiating contact isn't that unusual. But like I agree what was being asked was sus but also you should have a watch of his video where he explains and shows what happened.

 

Although I have to say it was rather weird he was screen recording what he was doing for Youtube support, just saying..

[wanderingfool2]

23 hours ago, leadeater said:

Although I have to say it was rather weird he was screen recording what he was doing for Youtube support, just saying..

I suspect parts of the screen recording was him recreating what the chat was doing...or maybe he just has something like shawdowplay...since he sometimes has to react quickly to scams that he is currently monitoring (and having to not worry about starting a record at the beginning can save the crucial bit of time).

 

On 8/1/2021 at 9:58 PM, Jtalk4456 said:

I can understand that, but the support does exist, and I was asked to find anything and implied no amount of searching would find it. I'm just saying options are there, they are possible to find, and even if they weren't, I'd NEVER trust an unsolicited support message saying they need me to delete my entire channel. If I couldn't find any support options, I'd simply ignore and assume spam over deleting my income stream without verifying it was actually them

You miss the subtlety of what I was implying...it's that you were saying he should have called support.  Finding an phone/email means nothing if it's hard to get a response from the listed phone numbers.  (Because even some decent sized channels aren't on the partner support program, which means your link would be useless if he wasn't).  Options aren't really there if they are hard to get a hold of.

 

If you watched his video, you would have realized that he thought he was "moving" it (and that the warnings were to be overlooked because it would be "moved" to his new account).  With that said, it seems as though that is a similar process that YouTube actually did when restoring his account [they literally got him to create a new account the same way..and I suspect moved over the deleted account].

 

Ignoring an email (from an official google.com) saying that you are in violation could potentially have a larger impact on your income stream.

[Jtalk4456]

12 hours ago, wanderingfool2 said:

You miss the subtlety of what I was implying...it's that you were saying he should have called support.  Finding an phone/email means nothing if it's hard to get a response from the listed phone numbers.  (Because even some decent sized channels aren't on the partner support program, which means your link would be useless if he wasn't).  Options aren't really there if they are hard to get a hold of.

If you watched his video, you would have realized that he thought he was "moving" it (and that the warnings were to be overlooked because it would be "moved" to his new account).  With that said, it seems as though that is a similar process that YouTube actually did when restoring his account [they literally got him to create a new account the same way. And I suspect moved over the deleted account].

Ignoring an email (from an official google.com) saying that you are in violation could potentially have a larger impact on your income stream.

I get exactly what you mean, but my point still remains that there ARE options that should have been explored before following instructions from an unsolicited google chat. There were red flags here. Moving or deleting, the acct is being changed/affected in some way, and it still makes no sense that YT would be asking him to do that instead of just correcting what sounds like maybe a database conflict given their given excuse in the scam. My overall point is, if someone is contacting YOU, asking for YOUR info, or asking YOU to do something, and this was not something you were expecting, then they bear the burden of proof that they are who they say they are. If it's really them, then contacting support (however poor) would be recorded and you are well within your right to verify the contact was legit. If you get an unsolicited call asking you for your info and you just give it up without calling the real company to be sure, then the company isn't at fault, the phone company isn't at fault, YOU chose not to verify. simple as that. I work in a call center and if the cx calling in can't verify their service address for me, then I can't do anything else. Basic verification is important, even if not convenient.