If you’re a YouTube creator, keep an eye out for a new phishing campaign that uses an AI-generated video of YouTube’s CEO, Neal Mohan, to trick you into handing over your account credentials. Scammers are sending private videos and emails claiming YouTube is changing its monetization policy in an attempt to lure creators to malicious sites.
YouTube’s Alert
According to an alert from YouTube, threat actors impersonating the platform have been sharing private videos that supposedly show an announcement from the YouTube CEO. In this AI-generated video, “Mohan” details some changes to the YouTube Partner Program (YPP) and asks creators to confirm the new terms. The attackers then prompt viewers to click a link that leads to a phishing site designed to steal their Google account credentials.
⚠️ Heads up: we’re seeing reports of a phishing attempt showing [email protected] as the sender
Be cautious & don’t download/access any file if you get this email (see below)
More info here: https://t.co/BSu1FTYysL
While our teams investigate, try these tips to stay safe… https://t.co/nkoO7EUoaR— TeamYouTube (@TeamYouTube) February 14, 2025
Some key details you need to be aware of:
- Attackers send the video as “private,” making it seem more legitimate or exclusive. YouTube stresses that it never contacts users via private videos.
- The scammers claim that you must confirm new policies to continue monetizing your channel, linking you to a malicious domain (e.g., studio.youtube-plus[.]com).
- Creators are told they have only seven days to comply, or they risk losing key account features, including uploading new videos and collecting revenue.
- Once you click the link and “sign in,” scammers steal your credentials. They then hijack channels—often using them to run live cryptocurrency scam streams.
Bitdefender Labs has made multiple reports on YouTube account takeover attacks and phony livestreams used by cybercriminals to defraud audiences:
Stream-Jacking 2.0: Deep fakes power account takeovers on YouTube to maximize crypto-doubling scams
A Deep Dive into Stream-Jacking Attacks on YouTube and Why They’re So Popular
Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers
- Ironically, the phishing emails also include a warning that YouTube “never shares information via private videos,” hoping creators ignore their own red flags and trust the instructions.
YouTube pinned a post on its community website to warn users about the scam. The company emphasizes that it will never send private videos to users announcing policy changes or asking for credentials. They also remind creators not to click on untrusted links or download unknown files, and they urge creators to use YouTube’s Help Center to report phishing attempts and block suspicious senders.
Related articles:
- How Fake Sponsorship Emails Are Targeting YouTube Creators
- Scam Offers for Influencers: What to do if Fraudsters Target You with Fake Crypto Endorsements And a Large Paycheck
- Content Creators: Why 2FA Isn’t Enough – How Hackers Bypass Basic Security
- Content Creators: Here’s How to Prevent Hacks and What to Do If You’re Compromised
How to Stay Safe
- Verify the sources of unsolicited emails: If you receive an email or video claiming to come from YouTube, double-check the sender’s email address. Official YouTube or Google announcements will come from recognized domains (e.g., @youtube.com or @google.com).
- Never click unverified links: Hover over links to preview the URL. If it looks suspicious or doesn’t match a known Google domain, don’t click it.
- Use Strong, unique passwords and enable multi-factor authentication on your Google account. These steps drastically reduce the chance of account hijacking should you ever fall for a similar phishing email.
- Be wary of urgent requests: Scammers want you to act quickly, without thinking requests through. They set deadlines and threaten account removal to force your hand. Always verify changes through YouTube’s official channels or your YouTube Studio dashboard.
- Report any suspicious content: If you receive a private video or suspicious email, report it immediately to YouTube Support. Encourage your fellow creators to do the same.
- Leverage security solutions like Bitdefender Security for Creators, which offers industry-leading protection from malware, phishing, and account takeovers. Most importantly, with YouTube Account Protection, you can keep control of your YouTube channel by detecting any hacking attacks with 24/7 alerts for mass video deletion, alterations to account name, profile picture changes, and more.
- Use scam detection tools like Bitdefender Scamio and Bitdefender Link Checker
- Bitdefender Scamio is a Free AI-powered scam detection tools that helps you detect scam websites and fraudulent attempts in no time. There’s nothing for you to download, as the service works seamlessly on your web browser, WhatsApp, Discord or Facebook Messenger. You can send Scamio links, QR codes or simply chat with it. Based on the information you provide, Scamio will give you a verdict and steer you clear from scams and fraudulent attempts.
- Bitdefender Link Checker, another FREE tool that provides on-the-spot scanning of URLs in emails and web pages to prevent you from visiting harmful websites.
Pair these precautions with Bitdefender Security for Creators, and you’ll be well-equipped to combat phishing attacks and keep your channel and your content—safe.