“The two most common types of attacks include hoaxes targeting YouTube channel owners and ones that zero in on ordinary visitors who routinely visit the service to watch videos of interest.”

• Malefactors wheedling out YouTubers’ passwords
Fraudsters may impersonate YouTube support to dupe active users into disclosing their credentials.

• Extortion via fake policy violation reports
Crooks … repeatedly [flag] a user’s content inappropriate until the target receives two infringement notices and is one strike away from account termination. The threat actor [contacts[ the users and [demands] a ransom to prevent them from filing the third and final report. The size of the ransom [ranges] from $75 to $200 worth of Bitcoin or $150 to $300 in PayPal, depending on the number of channel subscribers.

• YouTube watchers hoodwinked into completing fake surveys
Fraudsters entice users to provide their personal details and fill out short surveys in exchange for a gift. In order to make the hoax appear credible, they manipulate the platform’s peculiar way of displaying account names. The crooks behind this fraud make money by luring the victims into completing surveys. Plus, they … sell the harvested personal data to advertisers and other interested parties.

Source: YouTube Attacks to Watch Out For in 2019