Crypto Scams Get a New Look With “Stream-Jacking” Technique That Links Hijacked YouTube Channels to Phishing URLs

A crypto scam that promises investors large returns on their investment and then takes their money, has been making the rounds, using hijacked YouTube channels as the lure, and the followers of the channel as the victims.

The premise of the scam is simple: bad actors hijack a YouTube channel that has a large number of followers, rebrand it (in this case to a Tesla or SpaceX theme), then show a live stream feed featuring a video of Elon Musk speaking. The scammers use the chat feature to send messages saying how you can double your money, and provide links to other URLs which are phishing pages.

This technique is important to note because unlike scamming a company’s accounting department to get them to send a check via a bank transfer or wire transfer, this kind of scam can put bad actors directly in front of people who can use their own money/crypto without having to worry about compliance issues or procedures that may prevent the transfer from going through. If the person is effectively duped into believing the offer (for a large crypto currency return on their investment) they can send the money directly from their crypto wallet, and it is gone.

Further, this scam lets the bad actors go after a large number of potential victims all at once (many of whom may not be the least bit suspicious because the site they are on is a YouTube channel they frequent regularly) instead of focusing on one entity that may/may not come through.

As crypto becomes more commonly used as an important commercial currency, this kind of scam could have massive ramifications for companies that are implicated this type of scam, but one-step out of the frame because they are not the target of the hijacked channel. While companies like Tesla, SpaceX, Apple and Google, are well-known companies that have immediate recognition, it is easy to see how other smaller companies with popular but niche products could also be used effectively to convince users that the offer is trustworthy.

There are a lot of URLs connected to the scam – here is a list of a few of them:


Share This Post

More To Explore

Brand Protection for Marketers and Brand Teams

Get the Protect Your Brand Newsletter

Brand Protection for Marketers and Brand Teams

Learn the latest strategies and tactics on how marketers and brand teams are protecting customers and revenue.