@@weirdyyy006 They do not care who they hack, its not about what you do, its about how many subscribers you have and therefore how many people the scam can reach.
Dude, i dont know if you know how lucky yall are. To try and calculate the odds of a Google employee as your subscriber, and them loving your channel and contacting you is UNREAL THAT is devine intervention lol. That shows how loved Save A Fox is. Congratulations!!
I've seen it happen to a few other channels. They clearly know it's a problem. Frankly they should be enforcing 2FA for all administrative actions for large channels. It's really Google's fault that this can happen to a channel.
@@berrycolin3911 LTT broke down many of the things Ethan said here, and more. But, yeah, changes like changing contact information and secret codes should require re-logging in with 2FA. And honestly, as the hackers keep changing it to live streams of Elon Musk, you figure Google should be able to use the AI that they (like so many other companies) are championing to be able to scan for that and flag channels for some security department to review and maybe lock down.
If worse comes to worse over your guys' Facebook, you could always try having an attorney send Meta a message to resolve it on your behalf. I was able to do it myself when my personal account got hijacked. I had to argue about impersonation and exclusion from forced arbitration, but you guys are a charity. If you guys get the right lawyer, Facebook could possibly be on the hook for Charity Fraud, or being an accessory to it.
Thanks Ethan for this explanation and for all of your hard work! To think someone would put all of Save A Fox’s efforts in jeopardy for such a dumb reason is pretty awful.
This has happened to a ton of channels I follow. Don’t feel too bad, you’re in good company! That said, it’s wild that Google has not completely squashed this problem.
This should be extremely easy for Google to fix which is why I have a problem with this attack, all it's doing is copying your session tokens, and then applying it to the attacker's computer So they have all the same permissions on whatever accounts you're signed into on their computer, but how a company like Google is completely intapable of detecting that there are two devices with the same session token is beyond me. Especially with how prevalent this attack is. They should just detect if two devices are on the same session token and then just sign them both out and then send an email to that email address saying something along the lines of " there is a file on your computer that went open to gives an attack or access to all of your web browser information figure out which file it is and delete it (It is likely a PDF file)
@@the_undeadEven without detecting a second identical session token, why are you able to change so much with just a token? I can't even change my phone sign in methods without inputting my current password again, even though I already signed into my phone. And yet they can change the passwords and change your two step verification method without a single prompt for any of your actual security information?
Yeah, even some big tech-focused channels. Same thing hit LTT a while back. It's been going around for a while(and yes, is something Google could prevent super easily).
I knew immediately what was going on because another channel I'm subbed to had a similar problem a year or two ago that caused her channel to become crypto scams through hacks and RUclips had to terminate the channel momentarily to fix it
@@fnafplushultimate6792 Same thing happened to one of my faves a while back too. You'd think Muskie and cryptocurrency types would be a bit more pissed about these guys ruining their good name with the public, but then what good name do they have left to ruin?
Hopefully SaveAFox keeps _(or will begin to keep)_ an *off-line backup* of all their archived videos. How devastating it would be to lose the entire history of Finnegan & Company.
RUclips backs up everything, user deletion can be restored easily. For a channel this size, you usually get customer service fairly quickly. For smaller channels, you're probably on your own and have to wait a long time.
And what if RUclips went away... it's *best* to have ones own _personal_ backup & not depend on RUclips (even if only for Mikayla's own use & memories someday).
@@James_Dandy That's true. What I'm saying is social media platforms have greater redundancy than users. It might be a good idea to back up the videos locally anyway, definitely, but the chance of youtube just losing your videos and not being able to get back at all (or youtube going away) is very slim.
I had a similar experience with an online job offer. These people copied everything from the legitimate business. Even the person who contacted me used the name and photo of a hiring manager. They were trying to get into my bank account.🤬 I hope you'll be able to rest easy soon. "People will always people" as my true crime podcast always says. Be Well!💗
@@The_Sojourn_Experimentok good to know! I did block only cause I was like save a fox? Then i saw it was like ellon musk and was nah and wtf is this on there?
So glad you got the channel back! This YT hacking thing is a plague and Google needs to fix it. They should be ashamed of themselves for being so vulnerable.
Reach out to Jim Browning here on RUclips. He's a scam baiter. He could probably do some kind of special on this and if not find out who did it and possibly get some revenge, at least offer more exposure to the scam! So glad you guys are back on track.
Actually, the Google customer service doesn't sound good at all. You were just fortunate to know someone who worked there that could help. Without that, you will still be down. The Facebook thing is scammers sending messages (supposedly from Facebook) about copyright issues and threatening to take down the site. They provide link to resolve the issue. Those unfortunate enough to click that link lose control of their page. I have friend that is a musician and had this happen a few months ago and lost his page. It is not possible to get support from facebook unless it is someone well connected.
yep. i followed a vlogger whose channel got hacked and started posting beauty videos. she went back and forth with youtube for ages and they kept telling her that her account had not been hacked. she only got an actual human being to help her when gigi hadid reached out to her personal youtube contact. if gigi hadn't been following her, who knows if she ever would have gotten her channel back.
You can also try contacting the MN consumer protection agency or its equivalent that handles social media platforms. Sometimes they can make calls on your behalf. Or mention that the local media might be interested in this story. Negative press can be a useful motivator.
Can't believe some "Billionaire Bootlickers" thought it was a good idea to hack a wholesome, educational channel just to promote meaningless bitcoin scams. Glad to see you guys are back!
You'd think youtube would require your password again if you start to do crazy stuff like this. It's insane that they trust a session token to this absurd degree.
I mean if my bank account sends me a fraud alert any time it detects a withdrawal of more than $500 to make sure I'm the one who did it RUclips could easily make it so it sends a "This you?" to someone's inbox when the channel they set up for their wildlife rescue suddenly pivots to exclusively focusing on private spaceflight.
Not even private spaceflight, the old "send us 0.2 BTC and we'll send you 0.4 BTC" scam. They really can't detect that automatically? I mean, if the spambots in the comments are anything to go by...
@@tjenadonn6158 There was one time recently when i did a couple of transactions with a digital content store in quick sucession, and after the third one (which appeared to go through, but it turns out the transaction automatically used a backup payment method without me noticing as the transaction was declined with the bank), i recieved a text saying my card had been blocked, and they asked me to confirm if i had made those transactions (the two that went through and the one that was declined)
I suppose the moral of the story is, don't trust anybody online who offers to do something for you. The safest approach is to assume everyone online is looking to rip you off.
It can be tough to find deals and partnerships yourself but it is the safest method. Go to them, dont wait for them to come to you. Then you are in control.
Glad that you got it straightened out so quickly and have your channel back. The odd thing is that I'm subbed, but couldn't comment on the live stream. It stated that "only viewers they approved" could comment.
of course they only want "viewers they approve". If they let just anyone comment, ESPECIALLY those subbed to the channel, then they'd get rightfully called out as hackers. Can't have that, can we? 😅
Been a long time fan of your channel and I wholeheartedly agree that they have to add more barriers to prevent channel hijacks like this. Seems like you were following the 2FA game to a T and yet there were no stopping them from compromising everything. Glad that y’all got the channel back and hoping you all and the foxes can rest easier, keep up the good work! 🦊
Microsoft has “show extensions for known file types” off by default, which scammers have been using to hiding the true file types (that pdf was an exe file, yet it was hidden).
Exactly this. PDF, JPG, MP4 etc aren't executable files - these will do nothing in your computer. Pretty sure file extensions were hidden (as they are by default) and the real file was Proposal.pdf.exe. And even then the OS asked are you sure you want to execute this unknown program. Almost always users themselves give confirmation that they want to run some shady program.
Very glad to see you guys back on your feet! One thing my family's done since we got hacked a few years ago is to actually call the company using official phone numbers from the company's main website and verify that way. Of course this only really works with big ones like Canon, Dell, Amazon, etc., but it's allowed us to catch multiple scams that seemed legit just like this one.
The problem is this email appeared to be completely legitimate because it came from a real Canon email address, these attacks are getting really sophisticated and the fact that as far as I can tell, Google isn't doing anything about this is honestly quite egregious
@@JadenYukifan28 I don't remember too much about the whole COPPA incident, but if memory serves, it was a lot more nuanced than this issue, this issue is as simple as two computers. At least briefly have an identical session token that should be extremely easy for Google to track, yet they don't
never just click on a link (or file). first inspect the link (or any files). if it's not a .pdf format, then don't open it. glad you guys got access back!
yeah, my job educates us on this every year, be a bit paranoid, make sure the file is what it appears to be, and that links actually go where they seem
With files, if they are already downloaded on the computer, don't trust what the file extension appears to be, there is a sneaky trick i know of that can make an executable appear to be a PDF or any other type of file (even on a system that is configured to show file extensions for ALL file types)
Wow, glad you were able to get your channel back, and thanks for the heads-up for what to watch out for! Also, be cautious about supposed “Facebook help” or “support” and what they’re asking for, as there’s a chance it might not actually be Facebook you’re interacting with. It’s a crazy world out there!
One of the suggestions I have heard is to call the company that is sending the sponsorship. Not thru the sponsorship email or any of their links. I don’t know if this is correct. This is what a friend told me she did
Glad you got this quickly resolved, some channels aren't so fortunate. But like you indicated, they infiltrate via Email and hack your browser. This is why many channels now have a separate computer just for answering emails. So if it happens again, they won't get anywhere.
Checking the "Reply to" address is usually a good idea. Last I checked, people could pretend to be whichever one they want, but the address that receives mails has to be their genuine address. At any rate, I'm relieved to see that you're back.
I'm glad you're back. It's bad enough when something like this happens to a creator, even worse if said creator is a good one, horrible when they work for animals' well-being
I'm not surprised you've had that experience with Facebook. Another RUclipsr I follow had his FB hacked and never did get control of it back. Eventually he made an email mailing list and asked everyone to sign up for that so they can get updates from him directly and not go through social media, which as you say is very insecure and can risk your whole livelihood if you're a creator.
I really think contact info for emergency stuff like this should be readily available for youtube creators and same for facebook users. maybe some legislation should be put in place to force true customer service contact info. in the public domain and to talk to a real person.
Glad you guys recovered it! 🥂🥂🍻🍻 I am also wondering HOW is it even possible to change profile details like contact number, email address etc.. without double verification? That doesn't even happen with personal accounts let alone a corporate/creator level multi million subs account. 😮😮
You have my sympathy for being the victim of malicious people. You explained it very well. I have also been the victim of a deranged, malevolent woman that I used to work with. These intrusions seem to be just the tip of the ice berg and social media platforms need to lift their game.
I'd like to comment on a couple points 1. You said how you have changed your credentials and logged out, however you have not clarified if you have factory reset your computer. It is very likely that the stealing malware they sent you is still running and could re-hijack you once again. I recommend factory resetting your computer, THEN resetting your passwords. I personally wouldn't trust an anti-virus scan. 2. You said to refrain from using a debit card as they offer less protection over a credit card, while this is somewhat true, this depends on your country and who you bank with, for instance here in the UK, with most banks its quite easy to charge back a debit card transaction (under certain criteria). 3. You said how the email came from an official canon email address, however it very likely did not. The attackers very likely used a technical called "email spoofing" which to the untrained eye looks like a real email from a real domain, which most email providers like Gmail usually notice, but not always. However, there is a chance it truly came from a genuine canon email, but not by canon themselves, but by a hacked email server or employee. Regards, hope you can rest now!
I'm very happy that you got your channel back. You do such wonderful work for the foxes, etc. and it would've been tragic if your ability to continue to help them would've been badly compromised.
I noticed the Tesla/Space stuff the other day and I thought it was a glitch with RUclips. I’m so glad that your content was salvageable and you were able to reach a resolution. You have so much going on with your work that I’m sure none of you needed this stress, but at least you can rest a little easier now. Also thank you for the advice. 🦊
Thanks Ethan, for explaining what happened. This was really helpful and reminds us that we always need to be aware. Well done for getting the channel back so quickly!
meta are truly awful, they closed and deleted my instagram account ( just used to post lots of dog photos ) for some abuse or harmful content reason and i could get no help or anything from them to find out why. YT looks like it needs a lot of work but at least you got somewhere with them.
This digital world really makes me paranoid and distrustful because of all the financial and other types of predators etc. it’s crazy. But there’s more of us that are good regular people- I just keep reminding myself that.
You're back.. Oh man I was worried. Elon Musk did hack you.. Same with two hispanic YT channels. I saw that days ago and I did a post asking you if "you're HACKED too???" Because I was scared
not sure if its been addressed somewhere but some videos are still missing like the one where dixie laughs in the snow, hope every gets 100% back soon, i love this channel
So glad you got your channel back , I'm a youtuber myself fortunately my channel isn't big enough for anyone to target but the thought of losing years of videos that take hours of time editing is scary to say the least, ironically I have had an issue with Facebook years ago, someone reported my account and they took it from me no explanation beside breach of terms of service and not once did they reply what this breack of service was I know I didn't do anything wrong and breach the terms of service, they are aweful to deal with I did have a second account but instead of making it my main account or creating a new account , I've now been boycotting Facebook well over 25 years , fingers crossed there's a fox loveing Facebook employee out there who might step up and help you because otherwise they won't do anything to help you 😢
Matthias Wandel's channel got hacked in the exact same way. Everything from a spoofed email to the fake pdf file. Glad to see you got your channel back!
I'm so sorry this happened to you. I can't imagine the stress this caused and having to navigate through costumer service hell (even if some of them are nice). Also sorry for reporting the channel while it was hacked. I didn't realize it would hurt. It was of course meant to flag it for Google to act quickly. They should really change that in the algorithm. Ethan is a champion! Edit: Oh and yeah Meta/Facebook is the worst when it comes to costumer service... They won't even take down obvious, malicious and fake news articles when reported, that lead to fake websites made to look like real news websites.
I've never been hacked before, but I do remember switching all my accounts over from the silly email address I made up as a teen, to a more respectable adult-sounding one. Just something this simple ended up being a horrible process I wouldn't wish on my worst enemy... so I can't Imagine the hellish nightmare you just went through. I hope you get some rest, and are eventually able to regain your sanity!
I went through this a couple years ago and I am a fairly tech savvy person. I'm 100% with you on automating account freezes. My bank freaks out and freezes my account if I'm just a few hours out of town, let alone an entire country away. How hard would it be to automate recognition of a series of a series of account changes from a new IP and then simply freezing it & requiring input of the last known good 2FA credentials?
Damn Ruskies!!! God Bless SAF & you and your lovely family ❣️❣️. No matter what happens you can rely that your fan base will be there waiting for you all❣️❣️🥰🥰. Thank you for the explanation!! Safety is always first. 🦊🦊🦊🦊
FB sucks. My husband got hacked, he's rarely even on, we reported it right away. Absolutely no help. He had to make a new page, fine, but the hacked page is still there, selling puppies. Ugh.
If someone is still using your husband's page to sell puppies, you should report it to your state consumer office, BBB, even the FBI because it was stolen. Using a stolen page to sell animals is illegal. If you don't report it the scumbags will keep doing it.
Don't feel bad!!! Even Jim Browning got the same kind of issue with his youtube account. It is NOT your fault! PLEASE don't blame yourself. It's good you shared your story, it gets the info out there. 💕💕💕💕💕💕💕💕
So glad you have channel back but its about time youtube did something to fix this and stop the hackers, its absolutely shocking! its peoples lively hoods on the line.
I really appreciate your guys' transparency on this whole issue as well as going into the technical aspects as to what happened. On a side note, I recently got an email from Canon about a firmware update for my digital camera. It didn't have any attachments or anything but once I saw this video, I deleted the email immediately.
@@janhoch9932 Sure you can spoof an address but is that spoofing the certificate? He said he looked pretty hard and it looked legit from Canon that's why I think it was just a back doored server.
I'm really glad you got your account back!! But one thing I didn't understand was the TV static silence while this was all happening on your Patreon. There were a couple posts since the hack from SaveAFox on the Patreon, but none of them addressed this and said "Hey we got hacked, don't trust the youtube channel!" as a warning to patrons. I think that would have been a good move, because you guys have a LOT of followers and someone might fall for it if they didn't know.
Those were probably automatic uploads that had been scheduled to release at certain times. It seems like they were too busy trying to fix things to think of putting up a message anywhere.
Never considered the long-term implications of reporting a channel, so I apologize for reporting yours while it was hacked, and thanks for bringing that up. Glad you’re back!
They really are getting away with so much. None of those steps should be that easy. I got hacked a few years back and was literally watching things get changed. Relatively easy to fix, but it was from a copycat site, too. 'Good to see you back, and nice to know a fox fan helped. Meanwhile, I got my SAF playlist of 150+ videos back, as well!
So glad to hear that y'all have control of the channel again! One thing you (and all content creators) can do to prevent the session token hacking is have a laptop/virtual machine solely dedicated to uploading videos and not having the channel account session token on your daily PC. Having the SaveAFox channel session token only on this separate laptop will ensure that the hackers won't be able to get the session tokens for the channel account even if this fake .pdf file thing happens again on your daily PC. Although it seems annoying to have to use another laptop to upload every video it's def worth the extra steps if it means the channel doesn't get compromised again.
I’m sorry you went through that and glad you got the channel back, mostly because the content you create supports the most important thing you whole team is invested in, saving foxes. I personally don’t watch for content although it’s the sweetest and cutest on RUclips, I watch and don’t skip ads, sometimes letting your videos run in the background to help your numbers, because the foxes need you all. Love you all!
Majority of UK and US intel have released reports that Russia contracts tech savvy citizens to mess with western media. Now, they didn’t go so far as to effect the previous election as some claim, but they are absolutely meddling with other people.
Damn Ethan... I know that scams are getting more proffesional each time all the time, but that thing with legitimate Cannon adress and then the token is wild for me... I will be much more carefull from now on :D... Also, HUUUGE shoutout to the SAF fan Google employee!!! Big respect and thanks! Yeah and on the end note- what was the goal of that scammer? Like, why to promote Tesla ? XD eLOn mUSk doent need any more influence lol
The first thing I did was contact support and said your account was hacked trying to help, I am sure I wasn't the only one. Glad you got the account back! Support actually told me to report the channel, I did not thinking how would that be the right thing.
Hackers to RUclips channels seriously are some of the biggest low-life losers in this universe.
Yeah! Especially to channels like these, that are rescuing animals or something else useful.
Yes. Lowlifes with no life.
@@weirdyyy006 They do not care who they hack, its not about what you do, its about how many subscribers you have and therefore how many people the scam can reach.
Trump loves Russia
so are discord hackers.
had a bit of a uh
bad experience with one recently.
Dude, i dont know if you know how lucky yall are. To try and calculate the odds of a Google employee as your subscriber, and them loving your channel and contacting you is UNREAL THAT is devine intervention lol. That shows how loved Save A Fox is. Congratulations!!
I've seen it happen to a few other channels. They clearly know it's a problem.
Frankly they should be enforcing 2FA for all administrative actions for large channels. It's really Google's fault that this can happen to a channel.
Usually you have to ask or Twitter youtube
@@berrycolin3911 lol, EVERYONE knows it's a problem, including Google. Why do you think you can't just call and get a human? That was my point.
@@kreuner11 and again you are lucky to get a response, let alone a timely one.
@@berrycolin3911 LTT broke down many of the things Ethan said here, and more. But, yeah, changes like changing contact information and secret codes should require re-logging in with 2FA. And honestly, as the hackers keep changing it to live streams of Elon Musk, you figure Google should be able to use the AI that they (like so many other companies) are championing to be able to scan for that and flag channels for some security department to review and maybe lock down.
If worse comes to worse over your guys' Facebook, you could always try having an attorney send Meta a message to resolve it on your behalf. I was able to do it myself when my personal account got hijacked. I had to argue about impersonation and exclusion from forced arbitration, but you guys are a charity. If you guys get the right lawyer, Facebook could possibly be on the hook for Charity Fraud, or being an accessory to it.
This comment really needs pinned
Damn. That sounds like a legitimately good idea!
Good thinking 💙
that makes a lot of sense actually.
except none of that is realistic or true
How despicable of whoever the hacker was to target an animal charity. Glad you got it sorted.
It’s par for the course for Russians.
Thanks Ethan for this explanation and for all of your hard work! To think someone would put all of Save A Fox’s efforts in jeopardy for such a dumb reason is pretty awful.
This has happened to a ton of channels I follow. Don’t feel too bad, you’re in good company! That said, it’s wild that Google has not completely squashed this problem.
This should be extremely easy for Google to fix which is why I have a problem with this attack, all it's doing is copying your session tokens, and then applying it to the attacker's computer So they have all the same permissions on whatever accounts you're signed into on their computer, but how a company like Google is completely intapable of detecting that there are two devices with the same session token is beyond me. Especially with how prevalent this attack is. They should just detect if two devices are on the same session token and then just sign them both out and then send an email to that email address saying something along the lines of " there is a file on your computer that went open to gives an attack or access to all of your web browser information figure out which file it is and delete it (It is likely a PDF file)
@@the_undeadEven without detecting a second identical session token, why are you able to change so much with just a token? I can't even change my phone sign in methods without inputting my current password again, even though I already signed into my phone. And yet they can change the passwords and change your two step verification method without a single prompt for any of your actual security information?
@@arielc8584 yeah, everything about this attack is messed up
Yeah, even some big tech-focused channels. Same thing hit LTT a while back. It's been going around for a while(and yes, is something Google could prevent super easily).
If it can happen to LTT, which has a $100 million 100-person company filled with technical employees behind it, it can happen to anyone
Don't feel like you need to be punished for an honest mistake. You did your level of due diligence.
Happened to Linus and Jim Browning too. Sometimes even the best have their bad days, that’s okay.
You live, you learn. You are not at fault. What those people did to you was horrible! I am so glad you got your channel back
I was SUPER confused by the SpaceX stream! This makes so much more sense.
Right? I didn't click on it, but I thought it was pretty out there for a fox rescue to be live streaming SpaceX
I knew immediately what was going on because another channel I'm subbed to had a similar problem a year or two ago that caused her channel to become crypto scams through hacks and RUclips had to terminate the channel momentarily to fix it
🙄🙄🙄🙄🙄🙄
@@fnafplushultimate6792 Same thing happened to one of my faves a while back too. You'd think Muskie and cryptocurrency types would be a bit more pissed about these guys ruining their good name with the public, but then what good name do they have left to ruin?
Same 😅
How depraved must you be to steal a wholesome channel like this :/
The originating country was "Russia".
@@playme129 As a Russian, can confirm we are all depraved and taught hacking youtube channels in the kindergarten
Uhm what@@SomeRedTeapot
* Russian
Hopefully SaveAFox keeps _(or will begin to keep)_ an *off-line backup* of all their archived videos. How devastating it would be to lose the entire history of Finnegan & Company.
oh this is good!
RUclips backs up everything, user deletion can be restored easily. For a channel this size, you usually get customer service fairly quickly. For smaller channels, you're probably on your own and have to wait a long time.
And what if RUclips went away... it's *best* to have ones own _personal_ backup & not depend on RUclips (even if only for Mikayla's own use & memories someday).
@@James_Dandy That's true. What I'm saying is social media platforms have greater redundancy than users. It might be a good idea to back up the videos locally anyway, definitely, but the chance of youtube just losing your videos and not being able to get back at all (or youtube going away) is very slim.
@@zxbc1 They recently refused to restore a video for a fairly big electronics youtuber. (electroboom) Despite community outreach.
Oh man, I thought I was losing my marbles! Glad to have you back!!
Me too! I kept looking at it like, wait what!?! 😅
I had a similar experience with an online job offer. These people copied everything from the legitimate business. Even the person who contacted me used the name and photo of a hiring manager. They were trying to get into my bank account.🤬
I hope you'll be able to rest easy soon. "People will always people" as my true crime podcast always says. Be Well!💗
I was wondering too I hope clicking on it don’t effect us now I need to change everything
@@ASurfgirl it seamed not to if you only stayed on it a couple a secands
@@The_Sojourn_Experimentok good to know! I did block only cause I was like save a fox? Then i saw it was like ellon musk and was nah and wtf is this on there?
Please also verify that your PC is clean now. Some of this malware has persistence capabilities and will keep doing its stuff if not removed.
So glad you got the channel back! This YT hacking thing is a plague and Google needs to fix it. They should be ashamed of themselves for being so vulnerable.
Reach out to Jim Browning here on RUclips. He's a scam baiter. He could probably do some kind of special on this and if not find out who did it and possibly get some revenge, at least offer more exposure to the scam! So glad you guys are back on track.
or scammerpayback!
@@jesipohl6717Kitboga!
Jim is probably behind this😂😂😂
Fennigan was behind the hacking or was it Dixy😂😂
Actually, the Google customer service doesn't sound good at all. You were just fortunate to know someone who worked there that could help. Without that, you will still be down. The Facebook thing is scammers sending messages (supposedly from Facebook) about copyright issues and threatening to take down the site. They provide link to resolve the issue. Those unfortunate enough to click that link lose control of their page. I have friend that is a musician and had this happen a few months ago and lost his page. It is not possible to get support from facebook unless it is someone well connected.
yep. i followed a vlogger whose channel got hacked and started posting beauty videos. she went back and forth with youtube for ages and they kept telling her that her account had not been hacked. she only got an actual human being to help her when gigi hadid reached out to her personal youtube contact. if gigi hadn't been following her, who knows if she ever would have gotten her channel back.
You can also try contacting the MN consumer protection agency or its equivalent that handles social media platforms. Sometimes they can make calls on your behalf. Or mention that the local media might be interested in this story. Negative press can be a useful motivator.
Yes! That is a fantastic idea. Thank you.
META is garbage 🕳️ social media 😱
LOL I noticed the tesla livestreams and I was so confused. I just thought you guys were big tesla fans or smthn 😂
Lol I though Elon Musk hacked ME but then I realized I am insignificant in his life lol
I thought of the same thing 😆
Can't believe some "Billionaire Bootlickers" thought it was a good idea to hack a wholesome, educational channel just to promote meaningless bitcoin scams. Glad to see you guys are back!
You'd think youtube would require your password again if you start to do crazy stuff like this. It's insane that they trust a session token to this absurd degree.
If you use Google to save your passwords, they have a copy of that, too. All. Your. Passwords.
I mean if my bank account sends me a fraud alert any time it detects a withdrawal of more than $500 to make sure I'm the one who did it RUclips could easily make it so it sends a "This you?" to someone's inbox when the channel they set up for their wildlife rescue suddenly pivots to exclusively focusing on private spaceflight.
Not even private spaceflight, the old "send us 0.2 BTC and we'll send you 0.4 BTC" scam. They really can't detect that automatically? I mean, if the spambots in the comments are anything to go by...
@@tjenadonn6158 There was one time recently when i did a couple of transactions with a digital content store in quick sucession, and after the third one (which appeared to go through, but it turns out the transaction automatically used a backup payment method without me noticing as the transaction was declined with the bank), i recieved a text saying my card had been blocked, and they asked me to confirm if i had made those transactions (the two that went through and the one that was declined)
It's a classic scam😮 beware in
Ancient Greece it was a wooden
Horse with surprise inside!
I suppose the moral of the story is, don't trust anybody online who offers to do something for you. The safest approach is to assume everyone online is looking to rip you off.
It can be tough to find deals and partnerships yourself but it is the safest method. Go to them, dont wait for them to come to you. Then you are in control.
still hiding in your mom's basement, bub? that's dumb and no way to live
smarter way is to have an agent to screen this bullshit
Glad that you got it straightened out so quickly and have your channel back.
The odd thing is that I'm subbed, but couldn't comment on the live stream.
It stated that "only viewers they approved" could comment.
Same
of course they only want "viewers they approve". If they let just anyone comment, ESPECIALLY those subbed to the channel, then they'd get rightfully called out as hackers. Can't have that, can we? 😅
I knew something was up instantly when I saw that
@@RyuKnightAlex I just couldn't understand who was doing the commenting though, there were something like 14k viewers when I looked.
@@-suphurwhatever comments they may have had...were probably from other bot accounts.
Been a long time fan of your channel and I wholeheartedly agree that they have to add more barriers to prevent channel hijacks like this. Seems like you were following the 2FA game to a T and yet there were no stopping them from compromising everything.
Glad that y’all got the channel back and hoping you all and the foxes can rest easier, keep up the good work! 🦊
Microsoft has “show extensions for known file types” off by default, which scammers have been using to hiding the true file types (that pdf was an exe file, yet it was hidden).
Good hint!
i dont think it was that simple...you can attach a script to a real pdf.
Exactly this. PDF, JPG, MP4 etc aren't executable files - these will do nothing in your computer. Pretty sure file extensions were hidden (as they are by default) and the real file was Proposal.pdf.exe. And even then the OS asked are you sure you want to execute this unknown program. Almost always users themselves give confirmation that they want to run some shady program.
Very glad to see you guys back on your feet!
One thing my family's done since we got hacked a few years ago is to actually call the company using official phone numbers from the company's main website and verify that way. Of course this only really works with big ones like Canon, Dell, Amazon, etc., but it's allowed us to catch multiple scams that seemed legit just like this one.
This is why I don't open suspicious emails I don't recognize, glad to see that you recovered your Channel, Ethan.
The problem is this email appeared to be completely legitimate because it came from a real Canon email address, these attacks are getting really sophisticated and the fact that as far as I can tell, Google isn't doing anything about this is honestly quite egregious
@@the_undead Agreed, the COPPA incident as well, if my memory serves me right.
@@JadenYukifan28 I don't remember too much about the whole COPPA incident, but if memory serves, it was a lot more nuanced than this issue, this issue is as simple as two computers. At least briefly have an identical session token that should be extremely easy for Google to track, yet they don't
Weren't paying attention, clearly.
@@asleepbydawn137 did you even watch the part of the video where Ethan explained what happened? How is that not paying attention?
You certainly look like you need sleep. Thank you for all the work and getting things back up. I hope nothing else turns up compromised.
never just click on a link (or file). first inspect the link (or any files). if it's not a .pdf format, then don't open it. glad you guys got access back!
yeah, my job educates us on this every year, be a bit paranoid, make sure the file is what it appears to be, and that links actually go where they seem
With files, if they are already downloaded on the computer, don't trust what the file extension appears to be, there is a sneaky trick i know of that can make an executable appear to be a PDF or any other type of file (even on a system that is configured to show file extensions for ALL file types)
Wow, glad you were able to get your channel back, and thanks for the heads-up for what to watch out for! Also, be cautious about supposed “Facebook help” or “support” and what they’re asking for, as there’s a chance it might not actually be Facebook you’re interacting with. It’s a crazy world out there!
You're the 5th channel I follow that this has happened to. You're by far the luckiest one. I'm glad things are back to normal.
Oh man I wouldn't say you were at fault! This sounds like an advanced scam, and you're right security systems shouldn't have let that happen.
One of the suggestions I have heard is to call the company that is sending the sponsorship. Not thru the sponsorship email or any of their links. I don’t know if this is correct. This is what a friend told me she did
I can't blame them, but it could've been prevented.
Thanks for being so up front about this Ethan and Save a Fox! It totally sucks that you have had to go through this. 😢
The fact that you guys got your account back so fast is insane. I've seen channels go down for 8+ months from this shit.
You're the co-boss, Ethan! Hopefully this video helps RUclipsrs from all topics and backgrounds
Way to go Ethan for helping save SAF's channels!
Frustrating as hell you have to be vigilant about an ever growing list of things. Glad you got the account back!
I know Jim Browning had his stolen. It took him a week to get it back. He was duped by a scammer from Turkey.
Glad you got this quickly resolved, some channels aren't so fortunate. But like you indicated, they infiltrate via Email and hack your browser. This is why many channels now have a separate computer just for answering emails. So if it happens again, they won't get anywhere.
We Love you Mikayla and Ethan and We really appreciate Everything you do for the Foxes!! So Glad to have you and your Channel Back!!
Checking the "Reply to" address is usually a good idea. Last I checked, people could pretend to be whichever one they want, but the address that receives mails has to be their genuine address. At any rate, I'm relieved to see that you're back.
I'm glad you're back. It's bad enough when something like this happens to a creator, even worse if said creator is a good one, horrible when they work for animals' well-being
So happy you guys are back ❤ We almost lost some of the most iconic Finnegan hehe content 😭😭
I'm not surprised you've had that experience with Facebook. Another RUclipsr I follow had his FB hacked and never did get control of it back. Eventually he made an email mailing list and asked everyone to sign up for that so they can get updates from him directly and not go through social media, which as you say is very insecure and can risk your whole livelihood if you're a creator.
I was wondering what the rocket launch coverage was about.
Ditto
Two people with flower pfps wowie
I really think contact info for emergency stuff like this should be readily available for youtube creators and same for facebook users. maybe some legislation should be put in place to force true customer service contact info. in the public domain and to talk to a real person.
Glad you guys recovered it! 🥂🥂🍻🍻
I am also wondering HOW is it even possible to change profile details like contact number, email address etc.. without double verification? That doesn't even happen with personal accounts let alone a corporate/creator level multi million subs account. 😮😮
You have my sympathy for being the victim of malicious people. You explained it very well. I have also been the victim of a deranged, malevolent woman that I used to work with. These intrusions seem to be just the tip of the ice berg and social media platforms need to lift their game.
I'd like to comment on a couple points
1. You said how you have changed your credentials and logged out, however you have not clarified if you have factory reset your computer. It is very likely that the stealing malware they sent you is still running and could re-hijack you once again. I recommend factory resetting your computer, THEN resetting your passwords. I personally wouldn't trust an anti-virus scan.
2. You said to refrain from using a debit card as they offer less protection over a credit card, while this is somewhat true, this depends on your country and who you bank with, for instance here in the UK, with most banks its quite easy to charge back a debit card transaction (under certain criteria).
3. You said how the email came from an official canon email address, however it very likely did not. The attackers very likely used a technical called "email spoofing" which to the untrained eye looks like a real email from a real domain, which most email providers like Gmail usually notice, but not always. However, there is a chance it truly came from a genuine canon email, but not by canon themselves, but by a hacked email server or employee.
Regards, hope you can rest now!
I'm very happy that you got your channel back. You do such wonderful work for the foxes, etc. and it would've been tragic if your ability to continue to help them would've been badly compromised.
I noticed the Tesla/Space stuff the other day and I thought it was a glitch with RUclips. I’m so glad that your content was salvageable and you were able to reach a resolution. You have so much going on with your work that I’m sure none of you needed this stress, but at least you can rest a little easier now. Also thank you for the advice. 🦊
Thanks Ethan, for explaining what happened. This was really helpful and reminds us that we always need to be aware. Well done for getting the channel back so quickly!
meta are truly awful, they closed and deleted my instagram account ( just used to post lots of dog photos ) for some abuse or harmful content reason and i could get no help or anything from them to find out why. YT looks like it needs a lot of work but at least you got somewhere with them.
I agree with Facebook being difficult I went through hell trying to set up fundraising for our rescue on there. Why the hell is it soooo hard. Jeez.
Identical hack happened to Joe's Blog channel! Glad you got this solved! 💙
I hope Ethan told some swarthy Russian hacker "and I will find you" like in the movie Taken.
That someone could remove all the account protections without having to check said protections first is wild to me.
This digital world really makes me paranoid and distrustful because of all the financial and other types of predators etc. it’s crazy. But there’s more of us that are good regular people- I just keep reminding myself that.
You're back.. Oh man I was worried. Elon Musk did hack you.. Same with two hispanic YT channels.
I saw that days ago and I did a post asking you if "you're HACKED too???" Because I was scared
not sure if its been addressed somewhere but some videos are still missing like the one where dixie laughs in the snow, hope every gets 100% back soon, i love this channel
So glad you got your channel back , I'm a youtuber myself fortunately my channel isn't big enough for anyone to target but the thought of losing years of videos that take hours of time editing is scary to say the least, ironically I have had an issue with Facebook years ago, someone reported my account and they took it from me no explanation beside breach of terms of service and not once did they reply what this breack of service was I know I didn't do anything wrong and breach the terms of service, they are aweful to deal with I did have a second account but instead of making it my main account or creating a new account , I've now been boycotting Facebook well over 25 years , fingers crossed there's a fox loveing Facebook employee out there who might step up and help you because otherwise they won't do anything to help you 😢
Matthias Wandel's channel got hacked in the exact same way. Everything from a spoofed email to the fake pdf file. Glad to see you got your channel back!
Good you got your channel back.
Just be very careful in the future - and make sure to back up your videos as well.
I'm so sorry this happened to you. I can't imagine the stress this caused and having to navigate through costumer service hell (even if some of them are nice).
Also sorry for reporting the channel while it was hacked. I didn't realize it would hurt. It was of course meant to flag it for Google to act quickly. They should really change that in the algorithm.
Ethan is a champion!
Edit: Oh and yeah Meta/Facebook is the worst when it comes to costumer service... They won't even take down obvious, malicious and fake news articles when reported, that lead to fake websites made to look like real news websites.
I've never been hacked before, but I do remember switching all my accounts over from the silly email address I made up as a teen, to a more respectable adult-sounding one. Just something this simple ended up being a horrible process I wouldn't wish on my worst enemy... so I can't Imagine the hellish nightmare you just went through.
I hope you get some rest, and are eventually able to regain your sanity!
I'm so sorry you had to deal with this...
Glad to have you guys back!
I went through this a couple years ago and I am a fairly tech savvy person. I'm 100% with you on automating account freezes. My bank freaks out and freezes my account if I'm just a few hours out of town, let alone an entire country away. How hard would it be to automate recognition of a series of a series of account changes from a new IP and then simply freezing it & requiring input of the last known good 2FA credentials?
Really great to see you back, Ethan! Well explained, hopefully this problem can start moving RUclips towards making things safer for smaller creators.
I figured you got hacked when there was a video about a space launch…
Glad you are back!!!
❤️❤️❤️👍🏻👍🏻👍🏻
Damn Ruskies!!! God Bless SAF & you and your lovely family ❣️❣️. No matter what happens you can rely that your fan base will be there waiting for you all❣️❣️🥰🥰. Thank you for the explanation!! Safety is always first. 🦊🦊🦊🦊
This is why you keep your personal stuff and business separate, never use the same computer for both.
I saw the content on your page and knew that you'd been hacked. I'm glad you got it fixed fairly quickly.
Cannon email was spoofed. Never open any files all so verify any sponsorship with the company
FB sucks. My husband got hacked, he's rarely even on, we reported it right away. Absolutely no help. He had to make a new page, fine, but the hacked page is still there, selling puppies. Ugh.
If someone is still using your husband's page to sell puppies, you should report it to your state consumer office, BBB, even the FBI because it was stolen. Using a stolen page to sell animals is illegal. If you don't report it the scumbags will keep doing it.
Ethan, Mighty Keyboard Warrior! Hero To Foxes And Other Animals! All Hail His Mad Skillz! :D
Yes, Ethan is a hero. Thank you, Ethan.
Don't feel bad!!! Even Jim Browning got the same kind of issue with his youtube account. It is NOT your fault! PLEASE don't blame yourself. It's good you shared your story, it gets the info out there. 💕💕💕💕💕💕💕💕
So glad you have channel back but its about time youtube did something to fix this and stop the hackers, its absolutely shocking! its peoples lively hoods on the line.
The Russians just pissed me off. So I ordered some items from your Amazon wish list. Expect delivery on the 13th. 😊
Agree that youtube has to have a better system place. Primarily regarding changing passwords, TFA etc.
I really appreciate your guys' transparency on this whole issue as well as going into the technical aspects as to what happened. On a side note, I recently got an email from Canon about a firmware update for my digital camera. It didn't have any attachments or anything but once I saw this video, I deleted the email immediately.
Most likely the hackers had a backdoor in the Canon Corp's mail servers which is a pretty common tactic for spam.
They don't need to do even that. Scammers can make the "from" look like it came from anywhere.
Not true, this is so easy to spoof without any single backdoor access. I can send an email with a spoofed header within seconds.
@@janhoch9932 Sure you can spoof an address but is that spoofing the certificate? He said he looked pretty hard and it looked legit from Canon that's why I think it was just a back doored server.
@@janhoch9932It's easy to spoof, but Gmail is sending em straight to spam and saying it's unverified sender
No? More likely is that they just spoofed the email address
The same thing happened to miss bubbles. Glad you got everything back
I was wondering about the connection to Elon! 😅
Glad you're back. ❤❤❤
Terrible, hate to hear that this happened. Thanks for the tips.
Wow what a HUGE bummer. So sorry and hope that’s the end of it. How did you know what country it was?
Some people are just evil
I'm really glad you got your account back!! But one thing I didn't understand was the TV static silence while this was all happening on your Patreon. There were a couple posts since the hack from SaveAFox on the Patreon, but none of them addressed this and said "Hey we got hacked, don't trust the youtube channel!" as a warning to patrons. I think that would have been a good move, because you guys have a LOT of followers and someone might fall for it if they didn't know.
Those were probably automatic uploads that had been scheduled to release at certain times. It seems like they were too busy trying to fix things to think of putting up a message anywhere.
@@ClockworkChainsaw I was thinking the same after I posted that. They were likely in the thick of it
Never considered the long-term implications of reporting a channel, so I apologize for reporting yours while it was hacked, and thanks for bringing that up. Glad you’re back!
They really are getting away with so much. None of those steps should be that easy. I got hacked a few years back and was literally watching things get changed. Relatively easy to fix, but it was from a copycat site, too. 'Good to see you back, and nice to know a fox fan helped. Meanwhile, I got my SAF playlist of 150+ videos back, as well!
So glad to hear that y'all have control of the channel again! One thing you (and all content creators) can do to prevent the session token hacking is have a laptop/virtual machine solely dedicated to uploading videos and not having the channel account session token on your daily PC. Having the SaveAFox channel session token only on this separate laptop will ensure that the hackers won't be able to get the session tokens for the channel account even if this fake .pdf file thing happens again on your daily PC. Although it seems annoying to have to use another laptop to upload every video it's def worth the extra steps if it means the channel doesn't get compromised again.
Sounds like they need a tech expert to help them.
Qubes OS can be a good option for the scenario you describe. Has a steeper learning curve than the average OS though.
Finally. I was frantically trying to figure out how to help you fix it.
I’m sorry you went through that and glad you got the channel back, mostly because the content you create supports the most important thing you whole team is invested in, saving foxes. I personally don’t watch for content although it’s the sweetest and cutest on RUclips, I watch and don’t skip ads, sometimes letting your videos run in the background to help your numbers, because the foxes need you all. Love you all!
Same thing happened a few months back to Matthias Wandel, scammers suck!
Those darn rushishians!
Sheep
@@purecountry6672 Russia doesn't exactly have a great track record these days anyways.
Majority of UK and US intel have released reports that Russia contracts tech savvy citizens to mess with western media. Now, they didn’t go so far as to effect the previous election as some claim, but they are absolutely meddling with other people.
@@SnyporNeither does the West. Tens of millions of people are dead because of Western financial institutions and corporations.
@@purecountry6672Bot
Damn Ethan... I know that scams are getting more proffesional each time all the time, but that thing with legitimate Cannon adress and then the token is wild for me... I will be much more carefull from now on :D...
Also, HUUUGE shoutout to the SAF fan Google employee!!! Big respect and thanks!
Yeah and on the end note- what was the goal of that scammer? Like, why to promote Tesla ? XD eLOn mUSk doent need any more influence lol
The first thing I did was contact support and said your account was hacked trying to help, I am sure I wasn't the only one. Glad you got the account back! Support actually told me to report the channel, I did not thinking how would that be the right thing.
I'm glad you could have your account back! You're not at fault, they're bad people.
hopefully you lost no $$$