With the omnipresence of the internet in our lives, we can always get hacked or viruses doing normal internet activities.
Hackers are everywhere, waiting for us to slip and get hold of our sensitive data.
Although things aren’t that scary with the advanced security solutions, like powerful built-in and third-party antimalware tools, you can never be too cautious.
You should always know what activities can put you at greater risk.
For example, you should know if visiting popular websites like YouTube can give your device viruses.
Can You Get Viruses From YouTube?
No, playing videos on YouTube doesn’t infect your device with viruses.
That’s because YouTube is a highly secure website that doesn’t allow viruses to be embedded into videos through re-encoding the videos.
However, although YouTube is inherently safe, it doesn’t mean that you can have an entirely safe experience on it.
Since YouTube has millions of users, hackers look for ways to infect their devices.
They do so through social engineering and phishing, leading users to click on malicious links.
Like any other website, you should always be cautious while on YouTube.
However, you’re safe if you only watch videos on the platform.
YouTube Security Standards
YouTube is a safe video streaming website that gives users high levels of security.
The most significant tool for making videos secure is the HTTPS protocol.
You may have noticed these letters next to the URLs of many websites.
You can also see it as a padlock icon next to the website’s URL in the browser’s search bar.
These websites include online banking sites, but more and more websites are adopting this protocol for added security.
Hyper Text Transfer Protocol Secure (HTTPS) uses the SSL certificate to encrypt the communication between websites and users.
By encrypting data, even if hackers can access the information transferred between the website and users, they can’t read them.
When a person uploads a video on YouTube, the platform encrypts and processes it securely.
This encryption blocks hackers from intercepting data.
In addition, if the original video contains a virus, it can’t survive in the encryption process because, during the re-encoding process, the virus’s code gets destroyed.
How Devices Get Infected Through YouTube
Embedding virus codes into YouTube videos is impossible.
However, a highly secure website like YouTube doesn’t guarantee that you’ll have a safe experience on it.
It doesn’t mean hackers ignore this great opportunity to infect devices with their viruses.
They use social engineering tactics to infect users’ devices.
Here’s how you can get a virus on YouTube:
1. Clicking On Links
YouTube videos have description and comment sections that are perfect places for inserting malicious links.
Hackers create YouTube channels that look legitimate, introducing products like VPN or antimalware.
Then, they create a CTA (call-to-action) element by inserting a link recommending users visit the website and get the product.
Another common case is when the channel encourages users to click on the link in the description section to get the full version of the video.
That’s a dangerous ruse, particularly affecting kids and teenagers looking for a free version of their favorite animations or movies.
When users visit the website, several things can happen.
The website may have malicious code that attacks the user’s device.
Alternatively, it may lead you to download a file, like a video player, to watch the Full HD movie.
After downloading the files, your device gets the virus.
Hackers may be more cautious and lead you to another malicious website.
This way, they can bypass any security checks done by YouTube.
In any case, clicking on the link in the comment will infect your device if you’re not cautious.
In other cases, the malicious link may be in the comment section inserted by one of the followers of a legitimate channel.
Regardless of the source, these links work similarly and follow the same purposes.
2. Going To Dummy Websites
Suppose you get an email suggesting the sender has a tutorial video for you regarding your favorite hobby or field of study.
It gives you a YouTube link to click on and watch the video.
Everything looks normal until you click on the link and get redirected to a website that’s nothing like YouTube.
These replica websites may have a similar URL to YouTube, with very subtle differences in spelling.
If you’re not super careful, you ignore the barely noticeable differences and get yourself in trouble.
Many users notice YouTube’s red and white icon to count it as a legitimate website.
Hackers may use an icon close to the original theme to trick you into clicking on the link.
The website may even look like YouTube when you land on it.
They ask you to download something to upgrade your video player or other things related to your original purpose.
After downloading the software, your device gets infected.
The hackers may be so malicious that they redirect you to the original video and play it for you.
This way, you can never understand that it was a ruse that infected your device.
In other cases, they even provide the file for download with a password to make things look legitimate.
The PennyWise malware even directs you to a link on VirusTotal to show you the download is virus-free.
Still, it uses a complicated pattern to steal user data, including cryptocurrency wallets.
3. Ads
YouTube ads can also be dangerous as another phishing attempt.
They can lead you to malicious websites and steal your information through the methods described above.
They may also promise users free gifts if they click on the ad.
In some cases, these ads lead users to a website that exploits their device’s vulnerabilities and infects their system.
They infect devices with the virus specifically designed to target that vulnerability.
Although YouTube has strict security measures to block malicious ads, they may get through using different tactics like the one described above: first, leading to a legitimate website, which leads you to a malicious website.
How To Remain Safe On YouTube
YouTube is a highly secure website that can give you a safe streaming experience.
Now that you know the phishing methods that infect your device, you can take action to remain safe on the platform.
1. Downloads
You should first remember not to download any file if it’s not on its official website.
Never use links to download a file.
If you can’t find the file on its official website, you should look for it on legitimate websites that you’re sure are trustworthy.
When you download something, make sure your antivirus and firewall are activated.
If the antivirus detects malicious components in a download, you should trust it and stop the download process.
In some rare cases, the antivirus may show false negatives.
You should search and ask around in forums to ensure the file is safe to download with the antivirus temporarily disabled.
2. Links
Never click on a link without ensuring it’s safe.
Unless you see the link in the description section of a legitimate YouTube channel, you should consider other links potentially dangerous.
You can copy the link into a link checker, a free online tool that checks the link for security issues like viruses, malware, or ransomware.
Norton Safe Web and Google Transparency Report are two reliable tools provided by reputable authorities in the field: Norton and Google.
They give you valuable data and rankings about the URL to help you decide on its safety.
In some cases, you may not use these tools because the link looks closely like a URL of a legitimate website.
These are dangerous cases that can lead to infection of a device.
You should make a habit of not clicking on any link unless you’ve inspected it carefully, looking for misspellings or weird extensions.
Finally, don’t click on ads that promise you something free.
3. Passwords
Never save your passwords in the browser.
Instead, use a password manager to keep it safe from attacks.
Hackers can easily access your passwords in your browser if they get into your device.
In addition, don’t use the same password for two or more websites.
Each website and account should have a unique and strong password to keep other accounts safe if one gets compromised.
4. Updates
Attackers take advantage of vulnerabilities in your system due to outdated software and operating system.
There have been many cases that only users with outdated software were targeted.
Installing all security patches and software updates is vital to avoid these vulnerabilities.
Software developers detect these security holes and frequently mend them using the patches they release.
Your browser should also be updated with as few extensions as possible.
These extensions can act like security holes through which hackers can attack your account and device.
Can Your YouTube Account Get Hacked?
Your YouTube account can get hacked like any other account on the internet.
Cybercriminals access your login credentials through phishing methods, change them, and lock you out of your account.
If an account has a high number of followers, it becomes a more lucrative target.
Moreover, since you use your Gmail login credentials for YouTube, it can be more dangerous.
If you use that account for other Gmail-based accounts, they all get compromised.
To prevent these attacks, you must be vigilant and know about phishing techniques.
You should know that YouTube never sends you emails asking for your login credentials.
Never disclose them to anyone.
A great security tool is a two-factor authentication.
Using this tool, even if a hacker gets your password through phishing, you can protect your account by adding a second layer of protection.
Since you enter YouTube with your Google account, you should enable two-step verification through Google settings.
You can access it through your YouTube account settings.
Click View or change your Google Account settings to go to your Google account.
Click Security, and under Signing into Google, turn on 2-step Verification.
Signs That Indicate Your YouTube Account Has Been Hacked
As mentioned, hackers may use tactics to prevent you from noticing the attack.
As a result, it may take time to detect the attack, even if you have a robust antimalware tool.
Here are the signs that show your YouTube account is hacked.
- You can’t log in to your YouTube and other Gmail-based accounts, even though you enter your credentials correctly.
- You can see new channels in your Subscribe list, but you haven’t subscribed to them.
- There are different login locations on your account.
Google has a setting that shows the locations from which you log into your account.
You can check these locations and see if there’s anything unusual.
Go to Google Settings > Manage your Google account > Security > Your devices.
Here, you can see the devices on which you’re logged into your Google account and see if there’s a new device that doesn’t belong to you.
How To Know If Your Device Is Infected
Hackers can be lurking everywhere, and your device is always at risk of getting attacked.
If they hack your YouTube account, they can access your device by attacking other Google-based accounts, especially if you have the same password for all of them.
To make sure your computer or smartphone is hacked, you can look for the following signs:
Smartphone
- Unusual signs like strange popups, X-rated content, and flashing ads.
- The device gets slow for no apparent reason.
- Strange behavior like texts or calls that you didn’t make.
- Too much data usage, although your internet activities haven’t changed.
- Unusual battery usage leading to quick battery drain.
- Password change or login messages from your internet accounts when you didn’t initiate any of them.
- Abnormal heat increase.
- Apps that you didn’t install.
Computer
- Antivirus warnings.
- Popup messages.
- Emails not sent by you.
- Programs connect to the internet automatically.
- Changes in app settings, permissions, passwords, etc.
- Changes in your web browser like added extensions, a different homepage, changed toolbar.
- Programs that you haven’t installed but launch upon startup.
- Frequent crashes.
- Redirected internet searches.
- Strange internet usage patterns.
- Slow performance.
- Unusual webcam activity; for example, its light is on although you’re not using it.