There’s a certain level of juvenility that society affords to cyber-crime victims. The typical stereotype usually boils down to a dainty, fragile old person whose heart is bigger than their brain, constantly falling prey to the dark, digital denizens that siphon the funds of anyone foolish enough to play their game.
However, the events that happened to famed anti-scam content creator Jim Browning in the later stage of last month prove that this isn’t always the case. On 26 July, The YouTuber and anti-scam vigilante fell victim to a group that convinced him to delete his channel. In the four days that transpired from the now obvious scam to Browning eventually regaining access to his almost decade-old channel, mystery as to what happened filled fan forums and social media.
With over 3.3 million subscribers and 200 million video views, Browning is one of the most prolific YouTube anti-scammers out there. Having worked with the BBC and The New York Times on investigative pieces, he uses fiendishly brilliant tactics to thwart hackers and force them to confess their guilt.
But even the best of the best aren’t free from the claws of cyber-criminals. In a video Browning posted on 30 July, he explains how the hackers managed to trick him into believing they were YouTube support in an effort to silence him: “It wasn’t exactly my finest hour, but it does go to prove that anyone can be scammed if the circumstances are exactly right.
“[It was] a little bit more than your standard phishing email. Firstly, it has come from Google.com – most phishing emails come from somewhere else, but here the domain is correct,” Browning explains. “This user was somehow able to log in to an official account which means it had all of the official stamps that made it look like a genuine email.”
Browning is more than familiar with finding faults in phishing scams, especially those that use Virtual Private Networks or VPNs to encrypt their IP address and pose as tech support. In this case, the assailant took a further step in ensuring their anonymity by actively stealing a Google domain name.
The email also lured the YouTube star in further by threatening the deletion of his Adsense account – the primary way YouTubers generate revenue. Browning later explains that coincidence was also a huge factor in his confusion: “Just the day before I received the email, I swapped to a new phone and managed YouTube through it. I put two and two together and assumed that because I was using a new device, it may have generated this email.”
After a back-and-forth with a scammer posing as YouTube support, they convinced Browning to delete his channel with the promise that he would be able to recover it later. “As far as I was concerned, I was moving my channel’s content to a new one, I wasn’t deleting anything,” he continues. “What I was actually doing was replacing my channel with a blank one. As soon as I hit the replace button, seven years of work, 170 videos, and 3.3 million subscribers were instantly lost.”
It was then that things started to become iffy. Browning began to notice certain parts of the support account that weren’t quite right, but by then, it was too late. “Only then did I start to ask the questions I should have asked from the beginning. How do I verify who I am talking to?” After it became completely apparent that Browning had stumbled into the rat’s nest, the hacker then revealed himself as part of a phishing scam.
Eventually, Browning won back his channel with the help of Google support. “Ironically, they sent me virtually the same instructions as the scammer; asking me to create a blank account and to move my content on there. I’d like to thank Christopher from YouTube for helping me clear up this mess,” Browning continues.
Whilst Browning cleaned up the virtual mess, several YouTubers including Perugi from Scammer Payback dedicated their time to helping Browning secure his channel once again. This wasn’t without certain members of the community jumping on the conspiracy bandwagon, with several channels uploading videos questioning where Browning had gone in the four-day period.
Despite this being a happy ending overall, it’s worthwhile to note the implications here. Browning himself admits he was lucky and that those who fall victim to far bigger scams don’t get the good ending. “Really, anyone can be scammed. That includes me and you, the circumstances just need to be right.”
For more information and several courses regarding internet safety, check Blueline Learning.