Security experts at Panda Lbs have detected YTFakeCreator, a programme used by cyber-crooks to create fake YouTube pages to infect users with malware.
Cyber-crooks send an email containing a video with sensational content (such as erotic images or the death of a celebrity) and encourage users to click a link to watch the video. This is known as social engineering.
Once users reach the spoof page, which is very similar to the actual YouTube site, the user will see an error message informing that they can't watch the video as a certain component is missing (like a codec or an Adobe Flash update) and prompting them to download it.
However, on doing so, they will actually be allowing malware onto their computers.
YTFakeCreator lets cyber-criminals create these spoof YouTube pages very easily. They can enter the text for the error message displayed by the web page, define how long it takes the message to appear, enter the link to the infected file downloaded onto the victim's computer, and create a false profile similar to those in YouTube to pretend the video has been uploaded by a real user – all within the same programme.
The criminal can also choose the type of malicious code to be distributed from these fake pages, options which include viruses, worms, adware and Trojans.
"This type of programme has led to the increased use of this technique to infect users," says Jeremy Matthews, head of Panda Security's sub-Saharan operations. "The tools made available to cyber-criminals nowadays means that users need to take every precaution to avoid falling victim to these attacks.
"The fact that the pages used by criminals are very difficult to distinguish from the legitimate pages helps ensure that a growing number of users are infected."