Malicious Website / Malicious Code: Rock Phish Using YouTube

Websense Security Labs ThreatSeeker has received reports of new malicious code that utilizes the YouTube brand to lure users into running the code.

The attack begins with an email lure written in html that invites users to view a video from YouTube. Upon connecting to the site, users are directed to a page that resembles the real YouTube site. The page then reports that the video cannot load and attempts to dupe users into downloading and installing a flash player.




Trackback URL for this entry is:


Post a comment

If you have entered an email address in the box, clicking this checkbox will subscribe your email address to this entry so that you are notified if any updates or additional comments occur on the entry.