People keep expressing their doubt that a single click can do anything really bad. I'm going to further explain in this pinned comment... The old version of KZread Creator Studio had a very serious vulnerability to CSRF attack - an attacker could present a link that when clicked would add the attacker as a 'manager' with full privileges on the victim's KZread channel (assuming the victim was persistently logged in). A single click would do it as this feature did not prompt for any further authorisation or confirmation. The attacker would then shut the victim out of their own channel and take it over. This happened to a lot of people and it only stopped happening when KZread retired the old Creator Studio pages and migrated everyone to the new one. This vulnerability was not announced and I believe the reason for this is that they couldn't fix it; announcing it would have made the problem vastly worse. Instead, they focused on migration, which, I believe is why the Studio migration project was so aggressively pursued. And in my former role in IT management, I have had to respond to many malware incidents - at least two of which were both very serious (threatening serious impact to systems), and verifiably were initiated by a single click on a link. *Don't tell me it can't happen - I've seen it with my own eyes,* as well as the damage it can do.

@brickwall2900

3 жыл бұрын

wow this comment was recently new and the video is 8 months old

@exilelol1321

3 жыл бұрын

Thanks for clearing some stuff up. I love your channel by the way! Keep it up!

@ThePharphis

3 жыл бұрын

Very interesting! Thanks for explaining

@warmike

3 жыл бұрын

so is it fixed by now?

@fundamentalsofknowledge6902

3 жыл бұрын

@@warmike Yes. As mentioned in the comment, a new KZread creator Studio was created. When that was happening, I honestly didn't know why just changing the design of the old studio wasn't possible if they just wanted to update it. Now I do...

That's why rickroll was invented, to teach people not to blindly click on links.

@katherinedobbs52

3 жыл бұрын

And Goatse before it

@dando541

3 жыл бұрын

@Creepy Armin Arlert yes

@anna_9195

2 жыл бұрын

Thanks Rick

@PhdTinsley

2 жыл бұрын

@Patrick Bateman fewwwww OH WAIT

@pchris

2 жыл бұрын

Yep. The song was actually even writen with this in mind.

Our IT department sends fake ones to staff....open it once...you get re-training, open it again in a 12 month period, you get HR discussion, open it again and you're turfed.

@isawadelapradera6490

4 жыл бұрын

Using it as training is probably great but using fake scambaiting as a reason for firing should be entirely illegal.

@KSPRAYDAD

4 жыл бұрын

@@isawadelapradera6490 I work in finance...clicking on anything in an email can exposed millions of our customers potentially.. that is both a financial and reputational risk...you can be an idiot 2x before they fire you...more than fair imo....its very simple...don't click on links...if you can't follow a simple rule, you shouldn't be working in this highly sensitive area.

@isawadelapradera6490

4 жыл бұрын

@leah rose I am not saying it should be illegal to fire someone for incompetence. That's actually the only reason I find perfectly adequate to fire someone. I am saying that if the incident has been purposefully set-up as a trap by the company, it should lose the totality of it's legal traction, and considered a mallicious set-up. If you disagree, would you let me fill your workplace with traps trying to prove how you could deserve to be fired? I'm sure you won't mind when I eventually catch you at a shortcoming rather than trying to properly teach you.

@Locutus

4 жыл бұрын

Isawa De La Pradera I worked at a bank years ago, and we used to have data protection and anti money laundering tests every 6 months or so (since we were in IT, we knew where the answers were kept), but if the bank gave an employee these tests, and they kept failing them, should they be fired? It reminds me of a test called "Read me first" the test was a piece of paper with tasks to do. Your task was just to read the paper first before you completed the task. The very last task said, do not do anything above. Just write your name on the paper and that's it. Most people failed the test.

@KSPRAYDAD

4 жыл бұрын

@@Locutus Ha...i remember my 3rd grade teacher pulling that one...a lesson learned young.

"I recorded you (through your webcam) satisfying yourself" Me: oh how cute, my pc doesn't even have a camera :|

@EuBrasileiro

2 жыл бұрын

Was satisfying wrote correctly tho?

@deniselai5145

2 жыл бұрын

hahaha imagine that’s your work laptop, and you reply ‘yea I was so satisfied looking through 50 excel sheets yesterday, so many lines, so many happiness’

@miru2583

2 жыл бұрын

i would just reply "oh you naughty boy you like it didnt you?"

@anniesmith6165

2 жыл бұрын

I always cover all my webcams, all day, everyday

@deniselai5145

2 жыл бұрын

@@anniesmith6165 that's a good thing to do hahaha, i do so too, just that it's much more fun to reveal what I do on my laptop, which is probably binging cup noodles while doing excel lol:D

Moral of the story: you’re not as cool as this guy, don’t go around trying to prank scammers

@earlessaxolotl8632

3 жыл бұрын

Use VM and a seperate email address that has none of your real personal details.

@Nostalgia_Addict

2 жыл бұрын

@@earlessaxolotl8632 why?

@earlessaxolotl8632

2 жыл бұрын

@@Nostalgia_Addict watch the video

@thismans1405

2 жыл бұрын

Only one way to find out

@dreadfulbadger

2 жыл бұрын

Don't prank scammers by clicking the links they want you to click. Got it

I got an email from my old buddy Brent asking me if I wanted to go fishing. Since I know about these fishing scams I was smart enough to block him and report his email address to the police. Thanks, Atomic Shrimp!

@geyotepilkington2892

4 жыл бұрын

10/10

@adamnajami4902

4 жыл бұрын

Outstanding move

@rowboat10

4 жыл бұрын

that's not what he meant this reply is a joke please don't respond with r/woooosh

@viscountrainbows6452

4 жыл бұрын

Highly sus story: Only requests to go fishing via carrier pidgeon are trustworthy.

@sahilalamgir9998

4 жыл бұрын

He meant phishing, not fishing. It’s even in the title!

Hello there, John Warosa here. Were here to tell you that you just got the copyrite. Please click *HERE* to not get the copyright stryke.

@paola7673

4 жыл бұрын

The copy rite stroke

@CreeperPookie

4 жыл бұрын

I actually hovered over "HERE".. lol

@Terrus_38

4 жыл бұрын

Be rest assured

@Cautionary_Tale_Harris

4 жыл бұрын

This is John Barosa your old frend do not listen to John Warosa he is scammer.

@akashP998

4 жыл бұрын

I'm from the youtube service department of health and be rest assured this guy is a fake! I've know not a soul called John Warosa.

I ignore so many spam calls, texts, and emails that if I ever genuinely get contacted by someone important, they’ll also be ignored. My sister was offered a job from the actual FBI and ignored it thinking it was a scam.

@Purpletrident

2 жыл бұрын

I'm always afraid I'll miss an important call or email cause I never actually get an important one.

@No_king1143

2 жыл бұрын

idk man, that fbi looking kinda sus

@tonyflamingo3444

2 жыл бұрын

That's why you check the url and sender

@EugeneVDebs-mo6dh

2 жыл бұрын

Good, the FBI killed MLK

@zock_zock9147

2 жыл бұрын

I was offered to become president of the US but sadly I thought it was a scam and ignored it :/

But a Nigerian prince wants to give me $300,000, and all I have to do is pay for the processing cost!

@comdam

4 жыл бұрын

it is a scam

@CreeperthanPasta

4 жыл бұрын

@@comdam no its not

@comdam

4 жыл бұрын

@Enraged Mango it is

@comdam

4 жыл бұрын

@@CreeperthanPasta it is becuse i seen emails like that to

@not_proton

4 жыл бұрын

@@comdam do you mean that I am not getting my 3600 kgs of gold delivered to my home?

My mom has been complaining about general slowness on her computer, turns iut she had a mining virus. The cpu (8th gen i7 4 core laptop chip) was at 5% after startup and after 15 minutes it went up to about 70%. I recovered all the files she needed and nuked the entire drive, and got a new windows install going and pointed her towards your email scam videos.

@cakeehUwU

4 жыл бұрын

how did you clean the radiation after nuking the drive?

@andrewqu7908

4 жыл бұрын

waiting for smart redditors

@marcgarciacomas4491

4 жыл бұрын

r/IHaveReddit

@IAm-zo1bo

4 жыл бұрын

@@marcgarciacomas4491 you can only post what they want you to post

@justamanofculture12

3 жыл бұрын

@@cakeehUwU just yeeted tge radiations

“better be safe than sorry” and I think this idiom fits this video perfectly.

@johnscherer5686

2 жыл бұрын

@@charlieearley8399 considering “sorry” is used here somewhat colloquially, I think you could make a case for it.

@theoofer478

2 жыл бұрын

@@johnscherer5686 It is more of a proverb.

@starisma4215

2 жыл бұрын

@@charlieearley8399 I guess phrase would be a better word than idiom

@sup_my_bwana

2 жыл бұрын

This is what happens when people try being pompous in comment sections

I’m scared of my emails in general. I’ve got hundreds of thousands of unread emails dating back to middle school. 😂😂

@chillcloak

2 жыл бұрын

Omg I thought I was the only one with this irrational fear. Whenever I get a new notification in my inbox I get this nasty feeling because I’ve fallen for phishing emails before since claims of urgency always trigger my anxiety. Nowadays I’m a lot more careful but I always hope that every new email I get is just part of a newsletter or something.

@RatedMelis

2 жыл бұрын

@@chillcloak honestly same here. I once checked my spam and saw a sextortion scam email. Got so scared that I ended up changing my email on all my accounts to a new one and deleted that email account. Now I actively avoid going on the spam section of gmail

@TaeSunWoo

2 жыл бұрын

If this ain’t me

@dsmitski644

2 жыл бұрын

Make a new one?

I wanted to watch this video but i was afraid to click on the link. Could someone let me know what it was about please! Thanks!

@maggieent3215

4 жыл бұрын

The fun you may have from clicking it is... actually rather small I think.

@BobSmith-bz6gt

4 жыл бұрын

Don’t watch this video your account will get stolen

@onyxcode

4 жыл бұрын

r/usernamechecksout

@mparagames

4 жыл бұрын

@@maggieent3215 Are you PAPYRUS?

@idlesquadron7283

4 жыл бұрын

@@onyxcode This isn't Reddit.

"We detected artificial traffic on your youtube channel but we don't know your channel's name or url! Send info!"

@nardalis4832

3 жыл бұрын

Lol yeh that one is too obvious. If they now DID detect that traffic, how come they knew it was that channel, when they're contradicting themself by asking what the channels name is?

@diaryofamadman6436

3 жыл бұрын

@@nardalis4832 you just re-stated what was already clearly stated. I assume you then gave yourself a thumbs up because no one else would reward such a pointless and idiotic comment with an "atta boy". learn from this, better yourself, and quit being dumb

@nardalis4832

3 жыл бұрын

@@diaryofamadman6436 Uhhh what? I was commenting it since it was funny they did know something but still asked for it. I'm not an "atta boy" or whatever you're saying. You dont have to agree with my statements or even care at all about it if you don't want to. No one told you to. So go down your rabbit hole and be rude to someone else if thats now your style

@nardalis4832

3 жыл бұрын

@@diaryofamadman6436 Oh, also, that "thumbs up" isn't me. Its someone else who clearly liked my comment more than you did

Generally speaking, if the email with a link is not a direct response to your action (password recovery, 2 factor authentication, etc), its best to assume its malicious. Even if it is something coincidentally arriving after an action you did, if the message is not expected, best to assume its malicious unless proven otherwise. For example, I placed an order on Amazon and almost instantly got an email claiming there was a problem with my recent order. Rather than trusting the email, I just checked my Amazon acct and saw there were no issues at all. It was just a scam email with good timing (or bad timing, depending on how you look at it).

@AtomicShrimp

3 жыл бұрын

100% agree with this. I just don't understand all the people who keep saying "but what if I hover, or right click and copy paste etc"... NO. If you begin with the assumption that it's malicious, you don't go looking for ways to kind-of-click it

@shmehfleh3115

Жыл бұрын

@@AtomicShrimp One option is to display all emails as plain text. That way, no links work, no scripts run, and no images get downloaded. One thing you forgot to mention in the video is that you don't even have to click a link for a scammer to know you've read their email. If your mail client is set to automatically download embedded images, they'll know when your mail client contacts their server to try to pull the images down.

"What happens when you click on links in phising emails?" *I'd probably get Rick Rolled*

@void9120

2 жыл бұрын

I accidently klicked on paypal phishing link but closed it right away i hope im good, the page didnt load

@SuperTenienteMantequilla

2 жыл бұрын

@@void9120 u fucked

@tiffanysmith1099

2 жыл бұрын

@@void9120 were you good?

Although typically quite cautious, I've never once questioned an "unsubscribe" link in a promo email.

@auxencefromont1989

4 жыл бұрын

Wow.... we can t even unsubscribe....

@forestofsecrets7273

4 жыл бұрын

i forgot promo was an english word so i through you suddenly started talking spanish i do not know spanish so idk if promo is a spanish word too or if theres one spellt similarly

@colormedubious4747

4 жыл бұрын

If you clicked that, you verified that your e-mail address is good. Prepare for the Spam-valanche!

@RudeGuyGames

4 жыл бұрын

@@forestofsecrets7273 It's not a word but to those who are too lazy to write "promotion" or any of its derivatives.

@807D14M0ND5

4 жыл бұрын

@@RudeGuyGames Abbreviations and even acronyms are considered words.

Something that took me a while to realise is that there are actually some pretty smart scammers out there, you don't have to be dumb or technology incompetent to fall for a scam.

@Krispen_Wah

4 жыл бұрын

It's all about emotions... And we all have them at some point.

@lastwinter0419

3 жыл бұрын

@@Krispen_Wah social engineering

@M-Cube_

2 жыл бұрын

Yep, had to learn that the hard way. I once got my KZread account fished. Got an email with the question "hey, is that you in this video?" with a link to the "video", of course. Clicked on it, had to log in in to "KZread". I, being overly excited who could've uploaded a video with me in it, didn't even wonder why I wasn't logged in anymore. Typed in my log in data and gone was my account. I was so excited because I was so scared back then that someone might have spied on me or something and uploaded it directly to KZread making fun of me and shit. Someone just found the right trigger on me.

@manganime1893

2 жыл бұрын

@@Krispen_Wah True, once someone stole my phone and was login in all my accounts then I got an email from "paypal" saying money had been withdrawn and I panicked and clicked the link... good thing nothing much happened

*proceeds to send legend of zelda images to everyone i know”* “Are you sCaReD oF LiNkS in emails?”

@dakotad.8609

2 жыл бұрын

I'm not scared. I have the Triforce of Courage!

@starawesom

2 жыл бұрын

fuckin' delete the images with the help from the triforce of power

@Luke-ts8ck

2 жыл бұрын

I am, but I won't because I have the triforce of wisdom!

A good tip when you receive a suspicious email is to go to manually log in your account in whichever website the email claims to come from. For example, if 'Paypal' is telling you your account got frozen, go to your browser and log in Paypal. If it is a real notification, it should manifest in a way or another.

I've received a sextortion email once, asked them to rate my "little soldier" as I call it. Haven't heard from them yet

@isoni9430

4 жыл бұрын

Maybe they're still looking for it, You never know.

@unoriginalcopy9844

4 жыл бұрын

@@isoni9430 maybe they sent the footage to American Society for Microbiology.

@Phloggers

4 жыл бұрын

@POOR PIRANO here before a really smart redditor says "r/woooosh"

@matty_daddy

4 жыл бұрын

Lol I have a one inch wonder 😉

@televizion9962

4 жыл бұрын

@@Phloggers uhm wdym?

Viewers, send this to your friends and family.

@TheLostOne172

4 жыл бұрын

Preferably by email

@geyotepilkington2892

4 жыл бұрын

Sounds like something a scammer would say

@prairiepanda

4 жыл бұрын

Send it by email with no subject line or explanatory text

@presidentofchina1496

4 жыл бұрын

Demetrio Cooper don't tell me what to do

@djkilla3711

4 жыл бұрын

No, this video could be malware.

I only open emails in a virtual machine installed on a computer I never use, and even then I keep a gun on the desk in case shit gets real.

@SuigaRou

2 жыл бұрын

@Airbus A300 Telling you those details would compromise my security setup. It's so secure it even defies logic.

@landsquid6561

2 жыл бұрын

To shoot the computer?

@550077

2 жыл бұрын

Unless you’re using Internet Explorer from 2002, the part in that video about a website installing some sort of malware on your computer is a complete nonsense.

@AtomicShrimp

2 жыл бұрын

@a550077 It's your confidence in the nonexistence of vulnerabilities that is nonsense.

@550077

2 жыл бұрын

@@AtomicShrimp Vulnerabilities are a general threat, they are not specific to pressing links. By that logic, the mere fact that you read an email is already a threat, because an email message can hide some malicious code too.

This is one of the scenario where "guilty until proven innocent" phrase is applicable

Thank you for this video. Succinct and to the point. I will surely be linking this to some people I know. For the curious though.. (and please don't read this as me being pedantic - I'm genuinely curious) I was surprised when you said you could have your KZread account hijacked in a single click. I would have thought this would require a two-click minimum for OAuth, giving you another opportunity to back away, or otherwise requiring a CSRF exploit (which seems unlikely for KZread particularly). Certainly this is true for many sites - session hijacking is a genuine concern - but in the specific case of KZread, is this a tiny exaggeration? or am I being ignorant of something? I don't wish to take away from the message of this video, though. I think the advice you've given is spot-on. Distrust by default.

@AtomicShrimp

4 жыл бұрын

I'm not exaggerating - I'm describing a real world (albeit worst case) scenario. There's a feature in the account management pages of KZread where you can add people you trust to be managers of your youtube account - the whole process of doing this normally takes multiple clicks and field entries, but no additional authentication. All they have done is to custom-code a URL that basically jumps you into the last stage of that process, with their account embedded in the URL as the person you are giving authority to. If you're already persistently logged into your Google account in Chrome, KZread doesn't challenge you to log in or authenticate, and just accepts that you are adding their account as a manager of your channel - they log in and take steps to shut you (the original owner) out. This might have been patched by now, but even if it has, there will be another exploit like it tomorrow, and the next day, etc.

@MeCooper

4 жыл бұрын

The more I learn about scammers tactics the more I want to distance myself from anything to related to Google _(Typed this on a pixel phone btw... Lol)_ even by proxy. The conspiracy nuts in me is half convinced Google actually consolidates all their stuff in to one thing to make scamming easier... ...Then I get hit with the realisation that scamming isn't much different to what Google already do with ads etc, They're just more subtle about it.

@Myx0

4 жыл бұрын

@@AtomicShrimp That's a very good point. Bad actors will always be able to find and exploit bugs before the developers get wind. I certainly didn't want to sound like I was trying to justify clicking dodgy links under any circumstances; My comment was just focusing in on a specific claim which gave me pause.

@AtomicShrimp

4 жыл бұрын

Not at all. You're not by any means the only person to question it, and I realise I did not really go into much detail in the video.

@Myx0

4 жыл бұрын

​@@AtomicShrimp I suppose what really struck me about this claim is that surely then an equal amount of caution should apply to any link on any web page? The bad actor could very easily embed the same link into a wikipedia article, facebook post or tweet; yet I wouldn't necessarily apply the same level of caution in those circumstances. Perhaps that's a mistake I've been making. The worst case scenario is certainly plausible (and possible), but... while I don't want to take away from the important message of this video, your plane could fall out of the sky too... if you see what I'm saying.

1:39 “you, sir, are having a heart attack” that’s great

@AtomicShrimp

4 жыл бұрын

Yeah - most of the spam in that mailbox gets automatically purged, but I kept that one because it's lovely

@someguy4405

4 жыл бұрын

Yosef Feinberg 1:40

@impolitedirector1341

3 жыл бұрын

1:41

@cultist1368

2 жыл бұрын

Oh well,guess I'll die.

Teacher: **sends link to online work** Video: *DO NOT CLICK ON LINKS* Me: sorry miss, I can’t do that

@smpark12

2 жыл бұрын

Lmao

@J_5612

Жыл бұрын

@@smpark12 lmao

@Baburun-Sama

Жыл бұрын

Blind Student: That is Too Late!! **clicks on a link** Video: "see, told you"

I'm only scared of clicking links because I don't wanna get Rickrolled.

@DyingSimulator

2 жыл бұрын

and that's the reason why rickroll was invented

Got to send this to my mum. Maybe the English accent will charm her into, erm, being less of a reckless idiot online? (Love ya, Mama. Listen to the Englishman!)

@maggieent3215

4 жыл бұрын

hopefully so

@badlarry172

4 жыл бұрын

he pretends to be from England but he's not, he's British your mom must be careful !

@maggieent3215

4 жыл бұрын

@@badlarry172 huh, I don't know what *Angle* you're going for

@nessamillikan6247

4 жыл бұрын

@ Maggie Ent Oh, put a saxon in it, will ya?!

@maggieent3215

4 жыл бұрын

@@nessamillikan6247 ...ok. I hope you don't feel *Gaul* towards me. *cymbals*

"Distrust by Default" or how I handle my social relationships IRL

@RichardConnor1

4 жыл бұрын

If only people handled their government that way as well....

@blacktiger974

4 жыл бұрын

@@RichardConnor1 let's get rid of governments then!

@legion999

4 жыл бұрын

@@blacktiger974 have fun with your failed state

@urbexuk5637

4 жыл бұрын

@@RichardConnor1 definitely most willingly trust governments but people are waking up

@thomasherzog86

4 жыл бұрын

this comment was hijacked by politics. please stay calm and wait for further instructions.

A good method to uncover mails posing as other services (I had it happen with amazon, mostly) is to check the full sender address. More often than not, you'll immediately see that while it maybe named "Amazon" or whatever, the full address often is some weird disposable mess of an address. Sometimes they do a better job disguising and try to copy the address or email subject, in which case, it's harder. For that, I actually started to keep mails I *know* are legit in my archive to compare if I'm REALLY uncertain. Sometimes it's a difference as small as a single dot or comma to distinguish between real or fake.

I’m always telling all the older people I know, and repeating over and over again: don’t click on links in emails. If nothing else, simply don’t click on links...ever. I just hope they listen.... Thanks for making this video, so it can get to more people. You’re a hero for making this kind of content.

"it's cAsE-sEnSetiVE" All of my internet experience has taught me to read this in the most sarcastic voice possible

@zombiekiller7101

3 жыл бұрын

*tOGgle*

@thoop6795

2 жыл бұрын

*nO tHiS iS sErIoUs aNd iS nOt a jOkE*

There have been several times where I've got an email that I couldn't tell if it was simply a really clever forgery -- in these cases I never do anything until I find that company's official customer support number from their official website (or some other source that I already trust) and ask them if the problem stated in the email is genuine. I think that might be good advice for someone who is having trouble deciding on if an email is dangerous or not.

I just can't thank you enough for just your great effort on the videos' quality of illustration and making the point easy to understand

There was a channel (Qoves Studio) with hundreds of thousands of subscribers, they lost the entire channel in May 2020 because one of them clicked on a link of a scam email. Just one click. The channel was hijacked, it then changed name and posted other irrelevant contents before getting striked and removed. The owners relentlessly contacted KZread but they are despicably incompetent. The channel is maintained in an office with staffs that rely on ad revenue to sustain themselves. What's left is a new backup channel explaining all this. This is very real and not an outdated threat

@Rainquack

3 жыл бұрын

I remember this happening to GlobalLeaks. Now it's just some clickbaity trash. (Well, more than before.)

He sounds like the narrator on The Stanley Parable.

@0ninja213

3 жыл бұрын

I just realised that lol.

@vitaliy.sergeev1

2 жыл бұрын

British Accent has it all, I guess

@supporter6014

2 жыл бұрын

Omg you’re right

@Cord-vc7wd

2 жыл бұрын

Stanley will now not touch that link in his email

This all relies on the fact that you actually read your emails

@geyotepilkington2892

4 жыл бұрын

Right. I have over 250,000 unread emails on my oldest account. Only ones I actually read are verifications when making new accounts or checking the shipment status on my orders. Nothing else XD

@bitelaserkhalif

4 жыл бұрын

Same

@ijneb1248

4 жыл бұрын

The way online shools been treating me recently ive just been ignoring my emails

@Trippsy05

4 жыл бұрын

True facts. Finally cleaned out my email after 3 years of buildup and oh boy there was a lot. It was like a time capsule going through the past 3 years.

Dear Atomic: You put so much valuable info in your videos ( thank you!) we are going to start needing transcripts so we can digest everything you covered.

thanks for this video. ive been having a hard time communicating this to my older friends and family members. They don't seem to understand how bad it can really get and why just looking is all it takes to lose it all. keep up the good work!

This should seriously be an advert, its very important and some people really dont know

I have a simple rule Its probably a scam It has saved me a lot of virus and scams

@megakidicarus4647

4 жыл бұрын

I like that utilized meter: 5-7-9 if I'm not mistaken.

@tactileslut

4 жыл бұрын

@@megakidicarus4647One of your fingers is blinking in and out.

saying thank you just doesnt seem like enough. it is truly a scarry world we are living in. you really are incredable. thank you so much for your service.

One more thing, for most sites (youtube included), it's a lot safer to just visit the site manually (the way you'd normally do) to see security alerts if you receive an e-mail. No need to click links at all, even when lrgit

Mr Shrimp, if I am a quarter of the interesting genius you are when I get your age, I'll consider myself super lucky

Literally I would be so done if I got scam attachments right now. All of my teachers send me attachments that I have to download to look at or to print off. If someone impersonated their email they’d get me for sure.

@KS-tl4hk

3 жыл бұрын

Simple things like please and thank you stopped our government realising files to scammers. The boss was a rude fucker and the scammer used ‘thanks a lot, can you check this for me please?’ Employees were like, nope that ain’t him, and their branch was saved

@dankolord

3 жыл бұрын

Time to run a VM

Thanks for this one. Nearing 70, cynical by nature, no tech expertise, but most of this I already suspected. So good to see some confirmation. We can't get these messages out often enough for the vulnerable. Thanks once again...

I'm glad I watched this. I knew not to open links but I didn't know clicking more details could compromise me

3:34 - thats why its good to have at least two browsers with the standard not having any cookies or auto format/registration activated. if you install chrome or firefox on a windows system, keep edge as your default and deactivate everything you can since you wont use it anyway. no java, no cookies etc.

its so good, that people like you explain it at all, and on a way, that everyone got a clue what its about

My mom needs to see this video. She always gets scammed by those emails where they claim to be local supermarkets and they're giving out money or checks or god knows what to people that fill in their phone number 🤦‍♀️

thank you this really helps me cause i aint smart

@abd7598

3 жыл бұрын

@@ZeyLogger hey what happen if u press link not in email like other apps because I pressed many links in twitter to watch ufc and football can you tell me please and thank you!

Found your channel about a week ago. You the Bob Ross of scambaiting! Hope you don't feel bothered by the fact that I use your videos to fall asleep :]

i appreciate the genuine advice since i myself tend to click links, but luckily, (i assume that) nothing bad has happened, *yet*. thanks for uploading this, i'll be sharing it

Honest fantastic content and as concise as a subject like this could be. I urge everyone to send this to their non techy or even techy friends and watch the whole thing.

Hey man, can I just say I really love your content. I've only recently caught your nettle soup and pond jar videos (as well as the scam stuff). But the fact that you have a variety of nice, informative content is something I've really started to appreciate. Thank you

"Just say NO..... To links," -Atomic Shrimp

This was the best video that I never knew I needed to watch!! Thanks!

My real question is what if: You clicked a lot of links when you were younger when you had nothing to lose but now you've used it so much that you have a lot to lose. Am I still at risk of getting my info stolen?

@chillcloak

2 жыл бұрын

If you haven’t seen any suspicious activity as of late then I would say you have nothing to worry about. However as someone that gets paranoid and has an anxiety disorder I know that sometimes this bit of knowledge isn’t enough, so if it really makes you feel uneasy you could always just make a new email and replace your old email on your most used/important accounts. I used to click a lot of links when I was younger too, so just having a fresh new email really keeps my mind at ease.

@Kalobi

2 жыл бұрын

You should make sure to update your passwords on any sites you used back then, then should probably be fine.

@lillekins

2 жыл бұрын

You can check your login activity on your account. It tracks the IP address so you can check this way to see if someone else is logging into your account. Also it tells you what country they've accessed or attempted to access it from. Unless they change or hide their IP address.

As a 76 year old grandmother, I find this video very helpful. Thank you!

@Sarasa1318

4 жыл бұрын

Ah yes. A 76-year-old grandmother who uploaded a live concert video. How plausible.

@friendlyjapanesebusinesswoman

4 жыл бұрын

@@Sarasa1318 :)

@Sarasa1318

4 жыл бұрын

@@friendlyjapanesebusinesswoman I don't like that smile my guy/gal. That's vaguely threatening

@rogeliolargo7157

4 жыл бұрын

권혁준 I think it’s sarcastic bro lmaooo chill

My favorite scam emails are the ones where they buy your old passwords from database leaks to try to get you to do something. "We know who you are, your password is 123456" kinda deal.

Way better than any training videos I ever got from work

I have a question! You mentioned that it may install some of those, but is it also possible that they might automatically install any of those on the list on 2:14 without showing anything on the download list? Like, if you download something on internet browser, usually this thing pops up on the bottom of any browser that has a name of the file you're downloading, and approximate time it takes. Is it possible for them to install those Ransomewhere/Torjans/Bots without showing these popups? so that I unknowingly has downloaded them

In all seriousness, this video should be aired as a PSA on every television channel EVERYWHERE! I love how succinctly you've summed up this issue. Well done you! :D

I loved this video. This is how to use email safely 101. I've been binge watching your videos and I must say, they're all great! Keep it up!

I was using Windows Live mail and received an email with some pictures. I didn't press the thing to download the pictures or anything, but I did press the preview to make it bigger. Am I at risk if this is a virus? If so, what can I do about it? Thanks!

Wow this is one of the most genuine and helpful videos out there.

Oh hey, anyone else get an ad about ID theft on the internet? Didn’t know KZread assigned ads quite that accurately.

@AnUnearthlyGay

4 жыл бұрын

Yeah I one too

@FoXenthusiast42

4 жыл бұрын

The one where a man's on a laptop being hacked and then a knock off Linus tech tips starts talking

@peppercorn8451

4 жыл бұрын

Got one for totalav

@BooseJuice

4 жыл бұрын

Sounds like you’re somebody that is vulnerable to email phishing

@mrbisshie

4 жыл бұрын

Nope, but I get daily emails about my Netflix account being locked, or having no way to pay for it, because my credit card was rejected. Even though, I haven't had Netflix since 2015. i.imgur.com/ibUOdWQ.png They were quite aggressive about it last year. i.imgur.com/pSdimNB.png Very first word in the fucking email gave it away.

If I may make a suggestion for a future video. You have a great narration voice! You could do a narration of Thomas the tank engine (original model train series). That might sound lame but I reckon you could do it really well :D Stay safe, good Sir :)

The information was good. I LOVED the music at the end. All in all, a really nicely done video. 👍

“you, sir, are having a heart attack” oh okay thank you

'Distrust by Default' - my life's mantra! Thanks for your ongoing, sterling work to thwart the internet crims - very much appreciated!

Quality content as always-I often worry for younger me who knew about scummy emails and whatnot but wasn’t as suspicious as I should’ve been 😅 Glad to know better now and that people have resources like this to inform them!

Scammer: watched through my webcam Me: literally has a small tv as a monitor, and no webcam: “lol”

I once got a scam email trying to get into my PayPal. It had all the people visible it was sent to aswell so like 5 minutes later I, and presumably everyone else, got like 10 emails from these people warning about the scam. I'm so glad I've got these, because it showed me that people are aware and even trying to help others less experienced about the matter.

I love how hovering the link is unadvisable in your video, as is logical, but i just recently (completely by chance, what are the odds) saw a bit of a tv-show for seniors, where phishing was discussed. Naturally i was curious as to what they advised the most vulnerable target for these scammers, nd guess what. Hovering the link was their main focus. Like... how do you expect those easily trusting old people to hover over a link without accidentally clicking on it??..

@AtomicShrimp

4 жыл бұрын

Hovering the link is like opening the front door *just a crack* to peep out and see if it really is a vicious murderer on the doorstep

@shaclown7721

4 жыл бұрын

@@AtomicShrimp plus, most of those people wouldn't know what a trusted website URL even looks like. I really felt like those tv-hosts wanted seniors to get scammed

@AtomicShrimp

4 жыл бұрын

@@shaclown7721 I've seen the same advice offered by corporate training offerings. It's like everyone is afraid of just telling people "Wake TF up!"

Lol, jokes on them. Anyone who got my adult content history would be too busy in therapy to be sending emails.

@justanaverageinternetuser2473

2 жыл бұрын

When I think twice... I'm not wondering what you're keeping there...

@andyc4685

2 жыл бұрын

😳

@GlitchedBlox

2 жыл бұрын

WHAT ARE YOU KEEPING IN THERE?

@XXX_xxxxxxxx

2 жыл бұрын

Hail satan!!! 666!

Great advice! I wonder if people would be interested in your tips on basic computer security. For example, password managers. Although they wouldn't protect you from session hijacking, they could save you from entering your credentials into a phishing site (with the added benefit of not having to remember all those pesky passwords).

Once again thank you so much for making this and explaining important stuff!

I'm sorry but no matter how scary you make it sound, I will NEVER distrust Link! He has helped so many others and saved Hyrule multiple times! In all seriousness, this is an important topic, and I think you're doing a real service by warning people of the potential threat links can have.

I love this guy. I’m in cyber security and this and his scammer videos are so informative and just down right fun!

@AtomicShrimp

4 жыл бұрын

Please rate my advice!

@kalla_the_mage9281

4 жыл бұрын

Atomic Shrimp your advice is spot on dude. DO NOT click links in emails, DO NOT try to copy the link and now days, ANYTHING you click can cause a malicious attack. Did you know that a java pop up on your browser saying the browser is out of date can be fake??? Always, always, ALWAYS go to the source. If you need to reset your password, update a program, whatever, go to the actual website and download the update or reset your password there. The email you receive from password reset will never have grammar errors and will always come within 5 minutes of a password reset request.

I have the almost 10 year old laptop, I cant remember is it after I used it for a long time but i saw once that it was uding like 90% of the cpu, does that mean I have a mining virus or its just to old? How do I check?

Very informative video, thanks! Would love the hear more about the single variants in detail

You should do a scam bait where you just complain to the scammer when he gives you instructions. Stuff like ugh , but whyyyy, do I have to...

@SUPABROS

2 жыл бұрын

So just being Flower but with E Mails

My teacher : *sends me an email with a Link to the school website Me : alrite you scammer i am not doing it

My job will randomly send out test emails. If you click on it, it'll send you to a page that says you failed and too many may result in retraining or other penalties. One that went out, wanted a password change. It looked official but instead of following the link, I went to the official password change. I'm curious how many reported it, how many failed, and how many did a password change the correct method.

@AtomicShrimp

3 жыл бұрын

We've been looking at that too. Some people (in the comments here) have argued that it's unfair, but honestly, it's no less fair than testing the eyesight of fork lift drivers. If you fail the test, you are a hazard and a liability.

@AJStarhiker

3 жыл бұрын

@@AtomicShrimp I don't think it's unfair. I work with information that can cause way too many problems if it gets out. An occassional test email is just a reminder to pay attention to what I'm doing.

Thanks for the video mate, I think your advice really helps people

I was on my military email and my friend and I both got the same email for some sort of survey to take for improvement of military life or whatever and it wasn't really unusual because we are constantly being told to take surveys in the military and I was very skeptical. Some things just didn't sit right with me and we both clicked it. I was looking at it and it just seemed so legit like any other survey we've ever taken. It didn't hit me until later that it was definitely a phishing email when they kept sending me email reminders regarding the stupid thing. It's so scary how they can manage to just slide right into your military email and make something that looks so real. I'm glad nothing bad happened that I know of..yet anyway.

@heavyweaponsguy6284

2 жыл бұрын

thats their fault for constantly telling you to take surveys.

will you ever be covering the emails you get from a friends account when they've been hacked? the ones which included links etc

@RealFish

4 жыл бұрын

What friend sends links in 2020? Seriously when was the last time you received a legitimate link from a friends via email. If you did, and you weren't expecting any link from them, don't click and message them via text or social media to verify if it actually was sent by them. Easy

@PolrisTired

4 жыл бұрын

Not as common for that to happen, but you can always verify whether the link is safe (hovering). Check whether it matches up with what the other person says it is (if they don't explain what it is, just don't click on it), check whether it's in a trustworthy domain and more importantly, make sure to verify online! Most bad links get noticed fast. For example, in the web.core.windows.net one from the vid, if you were to look up "web.core.windows" google autofills with the word "spam", telling you it's bad. Also make sure it's not one like the one mentioned in the video which logs you right into a google account (which can be bad). Finally, you should know that though it's better not to try your luck, there is virtually no malware that can actually get into your device ONLY by clicking the link, especially with today's very secure browsers. There have been very few examples that do and most are reported right away and taken down, and most if not all have been in older versions which were prone to such things. In the event that it takes you to a site that starts to redirect you to other pages, close it right away. If it tells you something like you won a price, or it looks like a video and asks to click "allow" to watch it, or anything of that nature that is asking you to click on something- Absolutely do not do it, as user interaction is how malware can actually work

@J_Lynn

4 жыл бұрын

Ugh, my fiance just fell for one of those from his "dad" a couple days ago. It said something like "I should have sent you this a long time ago" and just the link. His dad is the kind of dude to just send e-mails like that, but damn... it was pretty obviously a phishing link, still. -__-

@originalrice7004

4 жыл бұрын

This is also on instagram, I have gotten 2 so far. One that said "Here is something I made you" then a more recent one was "Look at what I did to your pictures, I hope you dont get mad"

@saschamayer4050

4 жыл бұрын

I think that's a really good idea for a video subject. 🙂👍 Sadly, the people who are most likely to click on every link *and* resend them, no matter where it comes from, are the most vulnerable. 😕 The more tech savvy and security aware you are, the more suspicious you become of such things. 😒 And the less you know about IT, the more likely you are to click on dangerous links and fall for scams. It's really scary when you think about your friends and relatives who are unaware of IT security. 🤔

I didn't know how dangerous a single link could be. Thanks for the warning

This is why well developed ad blockers are so important. Also other defenses that block suspicious links from opening, and random downloads from said emails and links.

Simply. If one gets email phishing email from service you use. One can always verefy it by logging into their account through normal ways. Avoiding the click on link

@fetchstixRHD

4 жыл бұрын

Agreed. As mentioned clicking on a link should be the very last option, when there’s no other choice (such as with password resets). Even at that, vigilance is required (e.g. if you didn’t request a password reset, then under no means should you click that link, log in to your account and change your password (and to something secure) immediately).

me > just watched a 6 minute video telling me not to click on links also me > clicks on link to your next video because you're epic

Once I got a phishing email sent to me that was titled "Mr Beast shared a photo" So me being dumb and not knowing about phishing emails clicked on the email and saw a page to click on which I did and it auto-filled my details on my Gmail already which was surprising, luckily nothing happened and I never heard from them again and I changed my password so I was safe. Thank you for teaching people about these links which are very dangerous. Keep up the good work man! :)

Been waiting for this video for decades.

One clever email I got is one where it told you to click to unsubscribe, and the link sent a mail that said "unsubscribe" to dozens of emails So that the mail they sent got white listed in your email client

In the InfoSec community we have a saying: "if our security tools broke your access, then hey, you're still secure". That point about not hovering, yeah, if you already know it's phishing, just delete it. Oh, and if you have a friend in InfoSec, DON'T FORWARD THE EMAIL TO ASK ABOUT IT. Start a new email and figure out how to attach it. Or, better yet, figure out how to get the raw email text, and figure out how to attach that. But, don't ever forward a suspect email. And, dammit, stop circulating those chain emails. But, do practice hovering before clicking on those things that you do trust... because... DON'T TRUST ANYTHING.

@AtomicShrimp

4 жыл бұрын

Yeah, I always tell customers that if they need to ask whether something is dodgy: 1. Send a snip or screenshot, not the email itself 2. Yes, of course it's dodgy, or you wouldn't have asked.

@TesserId

4 жыл бұрын

@@AtomicShrimp Actually, I have a syntax highlighting configuration that I created (in Vim) for analyzing email headers. But, it doesn't work on screen shots. Also, URL's from phishing emails can be analyzed (base64 encoding and such), but not in a screen shot. Of course, those encoded URL's need to be treated a poison and handled as such. But, I can't really do a deep dive on screen shots. Fortunately, the place I work now has a "report phishing" button in Outlook, and it automatically sends them to a specialized service for just that purpose (big data analytics and AI, etc.). So, I only have to do deep dives on the really bizarre phishing emails. Still, it's really hard getting users to not forward emails. Those qualified for it can safely handle the attachments. We even have virtual machines for exploding those attachments. You can't do that with a screen shot.

Something to remember if you're unsure: Go to the supposed page manually. As shown in this video, AS got emails claiming things about his account that you could access and manage on your own, without using the link.

Thank you for echoing something I tell people all the time.. I study cyber security so this is important

Interesting and very informative video. However, one thing he doesn't mention - I think - is that one of the easiest way to determine if an email is a scam or not is to look at the email address of whoever sent it. The email address of a scammer is most ALWAYS a jumble of letters that has nothing to do with the subject matter. If, for example, the email says that your Amazon account shows some irregularity or whatever, the email address of the sender should be - MUST BE - from Amazon.com. If it is not, it's a scam - it's as simple as that.