Do You YouTube?

If you do YouTube, then this is something you really need to be aware of before it is too late!

Here is a screenshot of something a little different I received in my inbox this morning, it is an e-mail that says it has been sent by 'YouTube Service' aka 'service@youtube.com':



This nicely formatted e-mail that says it has come from a friend contains lots of links to click on; all the ones shown on the right of the e-mail go to YouTube or Google pages, as they claim to. However, clicking on any of the links on the left of the e-mail takes you to the site shown in this screenshot:



How many of you would have believed that this is a screenshot of the real YouTube site and then proceeded to download the 'Flash Player' offered?

Very convincing isn't it? Looks like the real thing...!

But it isn't the 'real' YouTube site at all, and to make matters worse for anyone that believed it was the 'real' site and then downloaded the 'Flash Player' offered, not only didn't they download and install 'Adobe Flash Player', they now have an infected computer, just because they let curiousity get the better of them.

It looks like the malware authors have been taking lessons from the Phishers, as this is a very well done 'Fake YouTube' site and using this level of social engineering means that more people will fall for this and infect their computers, which may well mean that if the malware offered is a bot [Agent], or proxy [Hacktool.Proxy] then the infected computer could soon be sending out lots of spam or taking part in a DDoS attack [Distributed Denial of Service].

More data on the file and the level of detection when I first found it, can be found here on my VSUB blog.

In fact as it is such a good example of the level of social engineering now being used I might well create a video of it and post it to the 'real' YouTube, on my own channel.

The video is now on YouTube, here is a direct link to it.