As YouTube's popularity has grown exponentially over the past few years, businesses have been forced to decide whether they should block the site, chiefly because of fears it would eat away at worker productivity or suck up the company's bandwidth. Now, businesses may decide to block the popular Web site because of legitimate security concerns.
Hackers in their infinite ability to innovate can now build exact replicas of a YouTube Web page that deliver malware, according to the Associated Press.
A program circulating online helps hackers build those fake pages. Users who follow an e-mail pointing them to one of the pages would see an error message that claims the video they want won't play without installing new software first. That error message includes a link the hacker has provided to a malicious program, which delivers a virus.
Even worse: once the computer is infected, it's simple for the hacker to silently redirect the victims to a real YouTube page to see videos they were hoping to see — and hide the crime.
Nevertheless, like all cyberscams, a little discrimination can go a long way. The scam operates by e-mail so anyone receiving an e-mail from an unknown sender asking them to click on a link to a YouTube page might want to reconsider— or at least independently verify the site is safe. Even after clicking on the link, alert users will notice that the Web address isn't YouTube's.
But if you're an IT administrator, depending on the vigilance of the company's employees may be too risky.