Let us begin by reassuring all concerned fans of Justin Bieber that he is alive and well despite Internet murmurings of a fatal car crash. Indeed, like Mark Twain before him, it seems rumours of his death have been greatly exaggerated.
 

What is an XSS attack?

This type of website weakness is called a cross-site scripting (XSS) flaw and, on this occasion, Google (YouTube’s parent company) moved to fix it in a matter of hours. However, important lessons must be drawn from this event. XSS attacks are a serious problem as they have the potential to fool unsuspecting users into revealing login details or visiting malicious web pages.

Since these prank pop-ups originate from a trusted site, they tend to carry greater legitimacy in the eyes of the reader. Attacks have been known to fake an entire login screen encouraging users to update their passwords or give up other personal details - although neither of these is thought to have happened in the case of the Justin Bieber breach.

How to avoid becoming the next victim

In the same way we (hopefully) exercise a healthy degree of scepticism when leafing through a tabloid newspaper, it is even more important not to believe everything we read on the Internet. This may seem an obvious claim in the cold light of day, but all the evidence highlights just how easy it is to be suckered in.
 
Ensuring your antivirus protection remains up-to-date will help protect your systems from malware on rogue websites to which you may be redirected, but users must also demonstrate vigilance to prevent falling foul of phishing attacks, which request sensitive data such as passwords and bank details to be submitted.

Just because it looks like your bank login page, just because it looks like the Facebook home page, doesn’t mean it actually is. Think about the route that lead you here and have your wits about. And don’t believe everything you read on the Internet - except our newsletter, of course.