Scammers recently hijacked three YouTube channels and used them to collect nearly $150,000 in cryptocurrency. They used these stolen channels to impersonate the official SpaceX YouTube channel. The hijackers played fake livestream interviews with Elon Musk, founder and CEO of SpaceX, while promoting bogus cryptocurrency giveaways. These giveaways are based on an old-school scamming tactic in which cybercriminals ask for a small payment while promising a large payout for the so-called investment.

This scam was successful for two main reasons: First, using existing YouTube channels gave the cybercriminals a large, trusting audience of subscribers. Second, the scammer’s “investment offer” appeared to be coming from the well-known, tech-savvy billionaire, Elon Musk–rather than from a random stranger–so it seemed to be more legitimate.

Here’s what we can learn from this scam:

  • If something seems too good to be true–like an unbelievable investment opportunity–it probably is! Question everything.
  • Whether it’s a phony website, a disguised email address, or a hijacked YouTube channel, anyone and anything can be spoofed.
  • Experts speculate that the scammers gained access to these YouTube channels through a data breach of a different website. This is a great example of why you must use a different password for every login.

Stop, Look, and Think. Don't be fooled.