11:30 - Thanks for the video. How does entering that code to that phony site give the hackers control over your YT account? Is it a recovery code they got for a password reset? If so, wouldn't they have to have control over your Google account gmail first?
@@LiebsterFeind it’s an alternate recovery process to unlock your account. In case you've lost your password and do not have a second factor device (key or device).
@@LearningandTechnology Thanks but still a knowledge gap. If it's a pre-generated recovery code, then how did they get it from you? Otherwise, how does YouTube know it's a valid recovery code if they didn't send it to you (or to a hacked E-mail)?
@ What happens is that your YouTube e-mail address is pretty public - it’s published so that people can contact you. What they do is request a password reset. However, they cannot reset the password without first logging in. They can’t do that without a password (and hopefully a 2nd factor). So they request a code reset. This allows them to reset the password IF they are logged into another device (which you are). So if they can’t convince you to enter that code on a device you are logged into - then it prompts them and allows them to reset the password.
At least that’s how I understand the process. It’s similar to stealing Instagram and Facebook accounts.
The key take-away is do not click links you do not know or are not familiar with, look who’s sending the e-mail, and definitely do not enter codes that someone else gives you.
@@LearningandTechnology Ah, thanks for the details. That's what I figured, that they are doing an "ad hoc" man in the middle attack for a password reset. Not at the protocol TCP/IP/HTTP level, but between you and a password reset attempt they executed using your E-mail address that YouTube makes available, I believe through the "business inquiries" link for the account.
What bothers me is that this is something that 2FA should stop, unless YouTube/Google is allowing the password recovery code to defeat this protection?
@ I haven't tested it, but I believe that 2F auth would defeat the attempt. Yet another reason why it's incredibly important to turn it on.
I get these scam offers all the time, also legit ones as well. I don't accept paid ads anyway...so it's not a problem.
@@PeterCombs it’s definitely important to be cautious. I’ll accept sponsorships for products and software I find interesting and use myself - it helps me run the channel and try new technologies.