So, you received a message from YouTube.
A notification for YouTube creators with a private video appeared, and the title of the video was “Changes in Monetization Policy.” If you’re just a viewer and don’t have your own YouTube channel, or you don’t care about YouTube’s policies, you may have ignored this message. However, if you are a creator, you may be wondering what this is all about.
There are some peculiarities in the email that immediately stood out to me. First, it was sent to the official email of my channel, which is hosted on my own personal website. This is the email address you would see if you opened the “About” section on my YouTube channel. However, this is not the email that my channel is registered with—it’s obviously registered to a Gmail account. All legitimate notifications from YouTube should go to my Gmail, not to the official email I have posted publicly. While not every YouTuber will have a different address in their “About” section, this discrepancy indicates that these emails were harvested, which is suspicious.
The second suspicious aspect is the wording of the email itself. If you look at the small print, it actually states that YouTube and its employees will never attempt to contact or share information through a private video. Yet, this is exactly what was happening—someone was trying to share information about YouTube through a private video while making it appear as though it was official.
Yes, this email came from a “no-reply” YouTube email address, which YouTube does use when someone shares a video via the standard YouTube share feature. The only reason the email was titled “Notification for YouTube Creators” is because the sender’s channel name was something like that. However, if you actually clicked on the channel name, you would see that it had already been deleted for violating community guidelines.
If you’re curious about what the shared video contained, it featured an image of the current CEO of YouTube. However, the video itself was an AI-generated lip-sync, meaning he was made to say things that he never actually said. In short, it was a fake.
There were more red flags: the channel had only 129 subscribers—far too low for an official YouTube channel—and the video had just 850 views, which is also suspiciously low for an official YouTube video. Furthermore, the scammers wanted viewers to click on a link that appeared to be from goo.gl, a legitimate Google URL shortener. The issue is that this website is used to host user applications, meaning it can be exploited for malicious purposes. The link redirected to a dangerous site containing a virus, likely a keylogger, which could be used to steal YouTube credentials and hijack a channel.
We’ve seen this type of scam before. For example, Linus Tech Tips’ channel was hacked in a similar manner, though in that case, an email attachment was opened by an employee. That virus then gained access to multiple channels, leading to a fraudulent livestream featuring AI-generated content. The scammers used a fake version of Linus to persuade people to invest in a cryptocurrency scam.
This current scam follows the same playbook. They try to fool you into thinking the email is legitimate because:
It comes from a “youtube.com” email address.
The sender’s channel name sounds official (e.g., “Notification for YouTube Creators”).
Even the malware appears to be hosted on a Google-associated site.
The reason I am writing about this is that this scam will not stop here. It will reappear under different channel names with slight modifications, but the core idea will remain the same: tricking users into downloading malware that allows hackers to take control of their YouTube channels.
How to Protect Yourself
Do not click any suspicious links.
Do not trust emails blindly. Always read the small print.
If you’ve already downloaded a suspicious file, act fast:
Change your YouTube password immediately from a different device (preferably your phone).
Do not enter your new password on your infected computer.
Perform a complete wipe of your computer. Do not simply reset Windows to factory settings or revert to a restoration point. You must fully format your drives and reinstall Windows from a clean USB boot drive.
This is the only way to ensure your system is malware-free and that your YouTube channel remains secure. Stay vigilant and always verify the authenticity of any YouTube-related messages!