A fake YouTube phishing site has been catching out Syrian activists attempting to watch videos and leave comments on the struggle, infecting their machines with malware and stealing their login information.
The site, designed to look very much like the real deal, has fake videos of Sryian activist actions with enticing titles. However, upon clicking them, users are prompted to update their flash player with a simple download - which in doing so infects their machine with malware. Also if at any point a user wishes to comment, they are given a login screen which if input to, steals the information.
The Electronic Frontier Foundation has been on top of this for a while now, claiming that this sort of activity is most likely perpetrated by pro-government Syrians in an attempt to identify those that might be involved in protests and anti-government actions.
It has already warned of two different cases of malware that tracked what users type and sent this information to an Internet address linked with the Syrian Telecommunications Establishment, suggesting some sort of government involvement.
To counter these efforts, the EFF is recommending that all users wishing to look up Syrian activities use two fold authentication on their account which sends a warning to a user's mobile phone if it is accessed from a different location than usual.
However it might just be easier to keep an eye on that URL bar. If it's not exactly what it should be, then take a pass. Just be aware. That's the best way to avoid malware and similar harmful applications..