Keep an eye on what you watch — the Web is full of fake YouTube knockoffs and other malicious media players, and despite their appearance, some of these supposed streaming video sites have their own eyes set on your personal information and your cash.
Among these fake and free video services is the generically titled Web Player, which, despite an end-user license agreement (EULA) and "a multitude of identification data," is actually a front for a dangerous Trojan, researchers form the security company Bitdefender explained in a post on their MalwareCity blog.
The Trojan, identified as "FakePlayer," is a long-running favorite of malware authors; true to its name, it's been found embedded in several rogue video players. In October 2010, the FakePlayer Trojan made the leap from PCs to smartphones, infecting Android users by hiding in a media player app called "Movie Player."
In this instance, Web Player, billed as a free service, prompts those who start the download process to log in using their email address and password. Divulging that information is harmful enough, but the Trojan continues its campaign, redirecting Web browsers to one of several different pages offering the rigged video player.
"Bitdefender has identified more than a half a dozen of them by now," the company wrote. "Apparently the crooks built several such sites; in case one is blocked by antivirus vendors, there is another one up."
Each corrupted Web page looks similar, and they are all out for the same thing: Once victims register for the Web Player service, the Trojan triggers them to enter their credit card data.
"At this point the user will end up paying for a fake service while all the critical credit card data is stored somewhere on a crooks' server," Bitdefender wrote.
Avoid the pitfalls of fake media players by sticking to trusted services like YouTube, and make sure you run anti-virus software on your system, which can thwart Trojans like FakePlayer from infiltrating your system. And of course, use common sense: If a website constantly redirects you and asks for extensive personal information, do not trust it.