Remember when the verification checkmark on Twitter use to help you be able to discern between a real person and a scam account?

The number one thing to remember - you *shouldn't* ever be ashamed of being scammed (or going along with a scam longer than you liked, in Brian's case). Scammers can use lots of tricks/techniques to bypass your rational thinking. The more people share their experiences the better everyone can stay vigilant against attacks. Thanks for sharing Brian, and hopefully people can learn from this!

Just so everyone knows the IRS will only contact you via letter in the mail and you contact them back. no phone calls, no emails so don’t divulge finances to anyone who says they’re the IRS

Glad to see a video that goes into so much detail of what scams like this look like and what to look out for. It's really easy to have your guard down for just a second and click something you shouldn't have. It's especially crazy to see these scams backed by twitter accounts with 80k+ followers that are 10+ years old.

Aris is always talking about Evil Aris sending out discord messages, now there's an Evil Brian F out there too

Being tech literate isn't enough to be safe from scams, it might in fact create some overconfidence. Best way to stay safe from scams is constant vigliance and most importantly knowledge about what tricks scammers use. These are getting more sophisticated by the day and it's getting harder to know what's real and what isn't, scary stuff.

Happened to Rooflemonger recently too yeah, I hate seeing these crypto ad hijacker accounts Edit: okay really good video, actually breaking down what these scam attempts look like as the recipient, I’ve only ever seen the results in my YT sub feed, not how they actually start as the creator

Thanks for the heads up Brian, had some fishy contacts as well in the past couple of days but seeing what was going on with everyone i didn't respond. Hope this all get sorted out soon cause its becoming really bad now.

It's easy to think that being tech savvy is enough to protect you from scams like this. Thanks for posting your experience so that others can learn from this.

This is great, I'm surprised no one else has made a video on this. Like 4 prominent FGC content creators have been hit within a month it feels pretty ridiculous. Diaphone went over a bunch of a scammy looking stuff on his stream too, it's pretty interesting to see

guess the only reads fgc players can't make is the scam artist mixup

"I only play street Fighter 6." *Knows that he saw Brian_F playing the Marvel Hero shooter with Eskay last night*

Never directly open links from anyone, ANYONE including people you know without confirming that they sent it personally to you and why. Since we only use email for something formal or semi formal, confirming the intent behind said email is important.

The closest I've been to being scammed is always when it just happens to coincide with some real thing I've done or are expecting. That short circuit, like you referred to, is how they've almost got me. Can't ever put your shield down. It's so tiring.

Another detail to point out, the "check" mark on Twitter is not verified anymore, the blue one, is just that the user pay premium. so they get the blue check mark

So much of this is because Elons stupid decision to allow you to pay for verified check marks. So dumb.

Chrome: BIG ASS WARNING SIGN! Brian: "Hmm, i should be alright" *Gets scammed* Brian: Suprised pikachu face

As someone that had their discord hacked a while back. Thank you so much for talking about this Brian. People always think that they are too smart to get got, but there is always going to be something out there that makes you let down your guard for a second, and that second is all these people need to do a MASSIVE amount of damage.

Brain_Fake should have called whoever they messaged a scrub instead of bragging about ad revenue.

Password manager. Sentence length passwords. No reuse of passwords. Two-factor authentication. These are all the bare minimums we need to be using. Any account that has value beyond "oh hey, I really liked that username" should be protected with a physical authenticator. Serious infosec people have been saying this for years, and no-one listens. I hope at least a few people will listen to Brine.

I always try to stay vigilant with scams and phishing, and most of the time I think I'm too smart to get hit by them. But I feel like that kind of hubris will be the thing that gets me one day, when I'm not ready. Stay safe all.

Honestly a big thank you for even doing this to give more awareness on how scams are looking like in today's media. In this day in age when hidden URLs and impersonations can easily be done, we REALLY need to be reminded on how easy it is to get scammed, and to really be vigilant.

On the Rooflemonger crypto scam thing, this happens to a lot of KZbinrs and fortunately all of the videos are PRIVATED, not deleted, so once the channel owner gets their channel back all the videos can be reinstated as they were. Also, looking at Rooflemonger's channel, it's currently deleted/unavailable which means he's probably in the middle of the process of getting it back because the crypto scammers don't delete their own channel

just found out one of my subscribed channels got hacked and got ur notif 😭 thats timing right there

But all those accounts were X verified. Surely X the everything app wouldn't verify a bot account.

This is somewhat related. I bought some AirPods last week. A day or so after the package was shown to be shipped, I got a text with a link saying my package is being sent back due to incomplete address. Of course this is suspicious and turns out not to be true. Be careful when expecting something through mail friendos.

Hey Brian. I myself almost got hacked through a somewhat similar story to you, and to be honest, I don't think your correlation between actively reaching out to companies through forms and almost getting hacked was a coincidence. I wouldn't undermine the reach these scammers may have. Getting information from someone through other means and using that to bait them into scamming them has happened. It almost happened to me and a friend of mine.

Brian F does play a variety of games: Street Fighter 6 season 1, street fighter 6 season 2, and recently street fighter 6 season 2.5. EDIT: Shit, that sucks what happened to Rofflemonger. I guess KZbinrs should backup all videos on a hard drive or something.

It's not jsut the scam links its also the data breachs. It happened to me about 6 months ago. Facebook got disabled and deleted because of it and also got kicked out of every discord i was in.I'd also recommend a password manager that randomizes all your passwords and keeps track of em. A lot of people's downfall is using simple passwords and using the same password for everything. Also 2fa is good.

I almost got cought with the docusign one. ALMOST.

This is not just limited to the FGC. Communities in gaming are seeing an uptick in scamming attempts, and one could even conclude that it likely goes beyond that, even outside of gaming.

I got scam and it was perfect timing. I order something from amazon and got a email that i needed to pay a small fee because they tried delivering it to me but couldn't. I paid the small fee and then it happened lol. Multiple charges. Thankfully i got my money back. Be careful guys

Another scam I just avoided was someone attempting to be my "Editor" where they requested me to send a video through a portal and sign in with my YT/Google account. It looked suspiciously similar to the fake partner program you were preyed on with almost like their using the same or similar template.

Honestly, I find this to be pretty creepy. The higher effort scams are crazy

oh not hackers goin on a stupid spree again.

This is really depressing, soon it really will be totally impossible to tell if anyone online is real

I nearly got caught out recently from a sitting duck attack. I got an email from a company I have an account with, and it looked legit but something seemed off. I checked the email and it was what looked like an official domain. It turns out the companies lease of the domain had run out and they didn't realise and someone registered it and used it as an email domain for a phising scam. If it looks suspicious just go with your gut...

A touhou music poster got hit by the exact same guy a few years ago. It was terrible and really scary because he deleted all the videos on the account and all the songs almost became lost media. because they were over a decade old. He got his account back, but there are still some translations that are gone forever because the original translator's website no longer exists and the videos were the only piece of it left.

Okay. So it still comes down to an .exe. It would be scary if the hack worked just by visiting a web site (via e.g. a Chrome vulnerability), but as long as you have to click a .exe, I feel safe. My Linux don't do .exe.

This happened to me last night. Guy claimed he worked for shure and wanted to send me a microphone to review through a Twitter dm, but he wanted me to sign an NDA, which I never signed one when collabing with anyone. He sent me a link to pdf download to read the "NDA" two minutes later. All my accounts were trying to sign in from different locations, and I was notified for all of it even my bank account he was trying to sign into. I had to spend almost six hours changing passwords and speaking over the phone with my bank and etc. to make sure everything was on point, and thank god I got to it asap, but it was very disappointing because he had almost 50k followers and verified turns out to be a fake that claims he is a pr for shure. It is just mind-blowing how one little file can cause so much damage. He also had a linkin and everything like you describe on the video.

Unreactable scam

This is exactly how they got DasTactic. This is not a new scam , it's at least a year old, but thank you so much for making a video on it, it's a nightmare issue for a KZbinr.

This kind of scam started with other online personalities and professional players in Dota, Lol and others. Another streamer that I follow got hacked "BSJ" from the Dota community (it was like 4 months ago). Fortunately he was able to recover his account.

What's funny about the official looking fake emails to me is that my college actually puts those out as a test for students to help keep their accounts safe. I had literally zero idea they did this, and you actually need to change/update your password every so often, so I fell for it. It just sent me to the school's site talking about how to watch out for suspicious online activity. I'm not too surprised I fell for it, but at the same time I have been scammed before (lost a low value Steam account when I was younger) so it's kind of like a "fool me once, fool me twice" scenario.

I used to work in video deletion. KZbin most likely does not permanently delete videos right away. Closer to a month after deletion, even if the undelete option is not public.

This happened a couple of years ago to some other bigger youtubers as well, I'm surprised the people behind it haven't been caught.

I got taken for 60 bucks in a fake apartment scam in 2020. I had to vacate my apartment at the time and was desperate to get into a new place. Didn't do my due diligence and ignored the warning signs. Anyone can get owned given the right circumstances. Stay safe out there everyone.

YogaFlame got hit too. These hackers are the lowest of the low.

I'm not so sure the game has changed per se, what you've experienced here is not general email phishing scams (where the target is random and generally meant to ensnare the lowest common denominator) - this sounds more like a targeted phishing scam where the goal is to phish specific individuals by looking as legitimate as humanly possible. I always come back to this talk at Black Hat Usa 2017: kzbin.info/www/bejne/kGOTiYGmYtGohKM , its a good talk on the difference between them

>"It would never happen to me" >It happens. Sadly many such cases.

I get these fake Twitch / youtubers chats all the time because im a small youtuber sadly one day i might actually accidentally block some really wanting to work together. I remember when my youtube account got hacked i was terrified when my account was streaming crypto I contacted youtube on twitter and was surprised they responded so fast for a small youtuber like me i only have 500 subs and they helped me the same day. I bet this is more sketch with youtubers getting sponsors and emails all the time and might accidentally click bad links.

Imagine going out of the way to go on, indeed, finding marketing managers, getting their Twitter account information, just sending a false scam email to a KZbinr, to hack their account ALL THAT JUST TO PROMOTE Crypto currency. With how much computer skills these hackers have, you would think they would just get a normal job.

Thanks for the PSA, Brian. I'm sure the scammers will try to sleep better at night by telling themselves that if people fall for their scams, it's their fault. Meanwhile, the normal humans out there know, that society only works if there's a baseline of trust towards eachother.

All it takes is for them to get lucky by hitting on a topic close to you and like you said, your guard goes down a bit. Sadly I've been there too.

My Japanese teacher for scammed for 100K I can’t believe it ! Same take of not being able to withdraw money. My teacher was too nice but naive :/

Brian's greed played a cruel joke on him

A friend to Dokibird is a friend to all vtubers. As such, I stand with you in saying this scamming nonsense should not have happened to you or anyone in the fgc.

The fuck I knew something was weird when it showed that LK was watching that channel. At first I was like... huh... so LK is into crypto. And I found it so weird that the main Rooflemonger channel was down during the VF6 stuff.

A sad and scary issue. Not a genuine youtuber; I had to put out a quick video for KZbin regarding Momma Cherri's videos, a few years ago. She's just a lovely ol' lady who cooks food and shares the experience for people - she got hit by some crypto related "Ethereum" nonsense; they seem to target channels with a fairly chunky following then immediately replace all existing videos with streams and promotions for their coins. Foul business. She managed to get her account back, aswell as her videos. Rooflemonger's work may not be lost. Just need to draw attention to it.

I appreciate you sharing this experience and being humble and informative all at once. I think it's great that it seems like so many other FGC players and personalities have been honest and open about it rather than trying to hide behind shame or the like. You didn't have to spend the time to put up a 20 minute video (I know it takes way longer than that to put all the images together and build a narrative!) but you did and I think that's actually really cool. You honestly didn't even have to do it to protect your "brand" or "identity" in the way others might have, so double props. I'm even commenting just to help push this up the algorithm that extra little bit cuz I think stuff like this should be shared wider. That said, scam tier list when!? We gotta know!

Proof I'll listen to Brian f talk about anything lol. I got enough of these cybersecurity talks through my work, but it's been crazy seeing all of this go down the past few weeks.

Not just FGC content creators. Other game creators have been targeted. Myst, a Fate/Grand Order content creator here on KZbin, got his account compromised as well, and it took days before he recovered his channel, but not without losing a lot of his community posts forever. Everyone, stay alert.

This video is a life saver. Thanks so much for making this!

i also got sorta hacked i'm very glad i managed to recover my account almost immediately after getting hacked; very lucky!

time to go live in the mountains with a turtle

Insightful video, though unfortunate with how these scams have been evolving.

Moral of the story: Don't get got.

I got scammed in a similar way as you recently. Luckily it was for like a 100 dollar gift card and I was able to get the money back. But these scammers are somehow getting information straight from legit companies databases and you wouldn't really think they can be fake with the information that they have which should be confidential. Either an insider is feeding the information or its due to some other hack. If you ever get contacted, before responding go to the official company's contact page and ask them to verify the legitimacy of the other request.

Awesome to see the transition from browser tabs to straight powerpoint, keep it up 👍

Never run an EXE or input passwords from other people

There are some types of email where they bcc in some way that the email itself doesn’t show or shows something specific they want. Be careful with those. The senders email isn’t the only thing to watch out for.

So some additional steps people can take is. Have one specific email that's for business only, like for sponsorships, that is completely seperate from your main account and has a different and unique password with a separate 2FA that does not use a phone number. Also have a virtual machine to open those emails. If you really want to go to an extreme measure than have a seperate PC that is not connected to your network or other devices, usually you can do this with VLANs of a guest WiFi network. Then have that seperate PC run a virtual machine for checking emails, and opening/running documents/programs. But still use common sense to avoid them. That way if you do fall for one you are not running the risk of losing everything.

Growing up playing Runescape as a kid prepared me for these kind of phishing scams. Good lookout for the people Brian!

This is what you do. When you get a potential sponsorship, you will contact that company using other means such as call them, use official email addresses from their own website, meaning, you're not clicking on anything on that email you received. Secondly, you set up a virtual machine with a total different identity, meaning, you have nothing linked from your actual computer, use different email addresses and so, keep that virtual machine totally isolated and then you can click whatever you want.

OMG I feel bad for all these content creator, that explain why the video I had on in a tab now showing deleted. It felt really weird to me. I hope everyone can access and re-cover their channel

At this point I don’t think you can use email for work. This is just going to get worse. People at my job work with companies who get hacked every day over email.

Holy.... I couldn't believe when you said rooflemonger went emergency mode. Now I searched KZbin and I see he's GONE. Man, very sad to witness his channel's death in this way and I can't even send a message on this matter.

I need that clip of Knowkami yelling "IT COULD HAPPEN TO YOU!!!" while Z-Broly level 3's a character to kill them so I can edit in all the FG youtubers that got hacked lmao

Part of the reason why the scams are so blatant, going so far as to literally talk about Nigerian princes, is because it is a filtering system. If you're smart enough to recognize that someone claiming to be a Nigerian prince might be a scam, you're thinking to hard for them to bother talking to you in the first place. If they make the scam too realistic, they run the risk of wasting hours talking to people who figure out the scam after several steps in the conversation. Their success rate is already low enough, there's no reason to waste time on riskier attacks.

I got scammed by a chatbot a few years back. Randomly got a message from a Steam friend I hadn't heard from in a long time. Eventually sent me a link to vote for their preferred esports team or some crap. I logged in to vote using my steam account, and they were able to use the authentication token despite my having steam guard enabled. It was a nothing burger, but still pretty annoying.

As someone whos been hacked before i speak from experience when i say it is really easy to be like "it will never happen to me" and before you know it you let your guard down for something and now the account for the thing you use most is hacked and you're scammed out of all your savings. My discord account got hacked earlier this year and i got scammed out of all the money i was using to save up for a new computer, i didnt even realize it was a scam until the next day, and then i got sent into panic mode. I got it back in a week thankfully but i know some others who got hacked before i did and *still* dont have theirs back. And the money i haven't seen since then. The best thing you can do is to be aware of whats going on, and to be cautious. Letting your guard down for even a little bit can be super dangerous. It can happen to all of us, no matter how much you think it wont happen to you. And its fucking scary.

This has happened to a lot of people, including me. They even figured out how through other social media as well.

I love that you made a video breaking it down so more people also know about it

I take alot of cyber security training for work so Im conditioned to look for red flags. That said, that docusign thing has me shook. These scams have gotten way craftier.

At this point for creators especially you need to be tech-literate AND also have the business sense of vetting your clients, which is learned and can be a huge pain to do so. But its worth it like Brian did.

3:12 😂 bruh I need you to get that on a t-shirt STAT! I’d buy it tomorrow!!!

Who would've thought that being able to pay for "verification" in twitter was gonna help scammer, would require a genious to see that im sure.

Thank you for showing the details of how these scams work

Love these in depth breakdown videos. Lots of good tech here.

This is wild, it's next level AI scamming. Layers of scams.

a thing I don't see many people bringing up is the fact that this is not something that only happens to big/famous people, it can very much happen to anyone. It seems obvious but if you don't expect to be a target you won't even doubt if it's real or not. I've seen many artists lose their accounts or money because of fake dms commissioning something, despite having less than 5k followers.

26:07 LOL - did this fake Marco Marini actually pin the message about his account being fake in his feed? That is hilarious^^

I think a smart thing to do going forward is completely remove Twitter from your verification heuristic when vetting these offers/deals. Twitter DMs get ignored. Twitter accounts used as verification get ignored. It is too easy to spoof a real looking account there now, best to just remove the vector entirely.

i have 3 videos in my Watch Later list that i cant see cause they list as private, all of them Rooflemonger's VF5 guides from a couple of years ago to watch to be ready for REVO... there is no one better suited to teach the ground floor of any fighting game with passion like Papa Roof and the attack on him is absolutely breaking my heart... FUCK those crypto scammers!!!

Thank you for this kind of content, it's really important to explain phishing strategies.

jake lucky in the fps community got hacked as well. the hacker went as far as using credit cards for purchases on amazon.

Brian For shure messaged sure. Wait. I did that wrong

"Marco" with the mic header pic immediately made him more believeable than the other accounts to that point, lol EDIT: I also work in an industry that deals with fraud and yeah basically ignore any calls from 'the IRS' or w/e sending cop cars to your house, or a bank asking for your info over the phone/through text

Thank you for sharing this and thank god you didn't get fully scammed

Brian_F's mood is always Street Fighter.