YouTube Turned Into YouSpam
One of YouTube's features has been turned into a very effective spamming tool, security provider Marshal reports.
October 8, 2007
“YouTube users have a facility where they can invite their friends to view videos that they are looking at or have posted. This effectively allows them to email to any address from their YouTube account. This is the functionality that the spammers are exploiting,” says Bradley Anstis, Marshal Director of Product Management.
“Spammers are doing this to defeat spam filters and to lower the recipient’s guard by making it look as though the messages are coming from a perfectly innocuous email address. YouTube’s own Help Centre suggests that you exclude the firstname.lastname@example.org email address from spam filtering. The spammers are keenly aware of this,” he adds
This tactic is not new. According to Anstis, the new spamming spree is basically the same thing that hit the Web back in August, when spammers used a Trojan to automatically generate large numbers of Hotmail and Gmail accounts
All in all, do pay attention to email coming from YouTube and don't be quick to click the first provided link. More details are available here.