‘Here you have’ virus interest exploited by YouTube scammers

The big news on the security front at the end of the working week was the widely-reported “Here you have” virus which arrived in inboxes with a waft of nostalgia, in the style of old-school mass-mailing malware.

What has brought things more up-to-date is that scammers have exploited the interest in the “Here you have” virus (which Sophos detects as W32/Autorun-BHO) to make themselves a quick buck.

Take, for instance, this newly uploaded video on YouTube.

Spam Here you have virus video on YouTube

When you stumble across it in search engine results, you imagine it’s going to tell you something about the “Here you have” virus. After all, it’s title is “Here You Have Virus Email — New Computer virus”.

But in fact, it’s something different.

Once the video begins to play it quickly puts up a message saying:

Due to copyright reasons, i can not display this video on YouTube.

To watch this video click in the link at description.

Now, in my experience, any YouTube video which tells you you have to go somewhere else to watch the video is trying to pull a fast one – and you should always be suspicious.

And in this case, sure enough, if you do click on the link you visit a blog page which pops up a revenue-generating survey scam. If you’re a regular reader of this blog you’ll know that we’ve seen many many of these on sites such as Facebook.

Survey scam linked to from YouTube video

Moving on, let’s examine another YouTube video which claims to be about the “Here you have” virus.

Spam Here you have virus video on YouTube

In this case, it tells you in compelling white-on-red lettering that the video cannot be displayed for copyright reasons (so why did you upload it to YouTube then?), but if you want to watch the video “legally and in high definition” just follow a number of steps.

In fact, it’s an advert pointing to a website which claims to offer access to TV shows – and the scammers are presumably earning commission every time they trick someone into signing-up.

Website claiming to offer access to TV shows

By the way, the website linked to, doesn’t have the greatest online reputation with many people complaining that they feel ripped off after signing-up, so be careful.

I certainly found the website was less than keen for me to leave it.

Website really doesn't want you to leave

There are many many other examples of spammers and scammers at work on YouTube, which probably isn’t surprising as it’s such an incredibly popular website. Cybercriminals exploit this by jumping on the coattails of news stories and hot trends that users are searching for.

Remember that if something sounds a bit suspicious, it probably is.