YouTube is sounding the alarm: a new phishing campaign is using AI-generated deepfake videos of CEO Neal Mohan to trick users. In a pinned post on its community website, YouTube warned that scammers are sharing private videos featuring a fake Mohan announcing changes to monetization policies. “YouTube and its employees will never contact you through private videos,” the company stressed. “If you see one, it’s a scam. Don’t click the links.”
Here’s how the scam works: victims receive a private video with a deepfake of Mohan discussing monetization updates. The video description includes a link to a phishing site—studio.youtube-plus[dot]com—where users are prompted to “confirm” updated YouTube Partner Program (YPP) terms. But here’s the catch: clicking “confirm” hands over your credentials to the attackers. And to make matters worse, the scammers add a false sense of urgency, threatening account restrictions if users don’t comply. It’s a classic phishing tactic, but with a high-tech twist.
The campaign has been active since late January 2025, and many creators have already fallen victim. Once their credentials are stolen, their channels are hijacked and used to broadcast live cryptocurrency scam streams. YouTube is urging users to stay vigilant and report any suspicious activity. Remember: if it seems too good—or too urgent—to be true, it probably is. And if you see a private video from “YouTube,” don’t take the bait.
