Analyzing a YouTube Sponsorship Phishing Mail and Malware Targeting Content Creators, (Wed, Jun 21st)
![](https://www.dataleakreport.com/wp-content/uploads/2023/04/Screen-Shot-2023-04-24-at-9.22.39-AM-1024x670.png)
One of our Stormcast listeners, Kevin, wrote in to share that his friend Jon had received a direct spear-phishing e-mail. We requested for more information, and Jon kindly provided us with the corresponding e-mails and data to analyze. The spear-phishing e-mail sent to Jon masqueraded as an individual representing NordVPN (note: NordVPN had published an advisory about scammers posing as NordVPN representatives earlier this year [1]) and enquired about the possibility of a YouTube sponsorship/collaboration with his YouTube channel. I took the liberty to examine the phishing e-mail and its associated artifacts, noting the details I observed from my analysis.
Article Link: https://isc.sans.edu/diary/rss/29966
1 post – 1 participant