YouTube Creators Targeted in AI Deepfake Phishing Scam!

A new phishing scam is targeting YouTube creators using AI-generated deepfake videos of YouTube CEO Neal Mohan. Attackers trick creators into sharing login credentials by pretending to send a private video about monetization updates. Once hacked, accounts are used for scams and malware attacks.

Fake Emails from “YouTube” – Creators receive emails with a private video link claiming to contain important monetization updates.
AI Deepfake Scam – The video features a fake Neal Mohan instructing users to log in via a fraudulent website (studio.youtube-plus[.]com).
Credential Theft – Hackers steal Google account details and 2FA codes, taking full control of YouTube channels.
Malware Infection – Some victims unknowingly install malware like Lumma Stealer, which collects sensitive data.
Massive Impact – Over 200,000 creators worldwide have been targeted, with phishing emails sent through 340+ hacked servers.

How to Stay Safe:

Check URLs carefully – YouTube’s real links use youtube.com or youtube.google.com.
Never trust private video requests – YouTube does not send private videos for policy updates.
Enable Strong 2FA – Use a hardware security key instead of SMS-based authentication.
Monitor Google Account Security – Check for unauthorized access and revoke suspicious sessions.
Avoid downloading attachments – Attackers often send malicious ZIP files disguised as “collaboration proposals.”

Cybercriminals are using AI deepfakes to make scams more convincing than ever. YouTube creators must stay vigilant and verify all communication before taking action. Always double-check URLs, enable strong security measures, and report phishing attempts to protect your account.

Sharing is caring!
Share

Tweet LinkedIn