YouTube has become the latest Internet brand to have its service hijacked as a way of defeating anti-spam filters.
According to email security company Marshal, spam is being routed through YouTube using the ‘friends invite’ feature to make it appear like legitimate email traffic. As well as catching people off guard – the emails appear to come from [email protected] – this is also likely to slip through any spam filter not set to block legitimate YouTube emails.
“Spammers are doing this to defeat spam filters and to lower the recipient’s guard by making it look as though the messages are coming from a perfectly innocuous email address,” said Bradley Anstis of Marshal. To make matters worse, he said, YouTube also gave users advice on how to stop anti-spam systems blocking video invites from its website.
“If your friends haven't received the YouTube videos you've shared with them, please ask them to check their spam folder to see if the emails were filtered there. Adding "[email protected]" to their address book or filter exception list may help avoid this problem in the future,” YouTube’s technical support helpfully suggests.
The spam hijack is a logical extension of one on parent company Google, which had its Gmail service hijacked in an even more elaborate way in August, Anstis said. In that attack, spammers had lured the users of Trojan-infected PCs with the promise of porn as a way of getting them to enter the special character strings required for registration. These characters would normally defeat automated registration systems used by spammers to set up bogus accounts.
YouTube is a favourite with criminals but is normally used to distribute malware more directly through bogus links, as in the Zlob malware incident of last June.
Spammers have also been hard at work this summer trying to find ways to increase the amount of spam getting through anti-spam filters, employing normally trusted file formats such as PDFs as a way of catching systems off-guard.