Image by DC Studio, from Freepik
Cybercriminals Use Fake Brand Deals To Target Popular YouTube Channels
Reading time: 2 min
Posted on Dec 17, 2024
-
![Kiara Fabbri]()
-
![Justyn Newman]()
Fact-Checked by Justyn Newman Lead Cybersecurity Editor
A new report highlights how cybercriminals are increasingly targeting YouTube creators with fake brand collaboration offers to spread malware.
In a Rush? Here are the Quick Facts!
- Phishing emails impersonate trusted brands, offering partnership deals with malicious attachments.
- Malware is delivered via password-protected files hosted on platforms like OneDrive.
- Once opened, malware steals credentials, financial data, and enables remote system access.
These attacks aim to steal sensitive information, including login credentials and financial data, while also allowing remote access to the victim’s system, as detailed in the report by CloudSEK.
The phishing campaigns are highly sophisticated. Attackers impersonate well-known brands, sending professional-looking emails that offer enticing partnership deals.
The emails include fake contracts or promotional documents disguised as password-protected files hosted on trusted platforms like OneDrive or Google Drive. This method helps the malware bypass security filters and antivirus software.
Once a creator downloads and extracts these files, the malware is silently installed. It can then steal browser data, passwords, and even clipboard content (used for copy-pasting). In some cases, the malware allows attackers to remotely control the victim’s device.
The initial stage of the attack often begins with cybercriminals using automated tools to collect email addresses from YouTube channels.
These tools allow attackers to send bulk phishing emails that look convincing, complete with official brand logos and well-written text. Victims, especially content creators and marketers looking for collaborations, are lured into believing the offer is legitimate.
Security researchers note that the malware files are often delivered in layers. For example, a compressed folder may contain another password-protected archive, hiding the malicious script. Once executed, the malware connects to servers controlled by the attackers, where stolen data is sent.
This campaign highlights the growing sophistication of cyber threats targeting social media influencers and creators. YouTube content creators are particularly vulnerable because of their reliance on brand deals as part of their revenue streams.
Experts recommend creators remain cautious and verify all collaboration requests. Simple steps include checking the sender’s email address, avoiding suspicious links, and scanning attachments before downloading.
Adopting robust cybersecurity practices, such as enabling two-factor authentication and using updated antivirus software, can also help prevent such attacks.
Latest articles 
Leave a Comment
Cancel