Google decided to release new TLDs (top level domains) which are the variations to .com (.net, .gg, .ca, etc.). And these new TLDs are .zip and .mov. Now a website like fortniteburger.zip sounds pretty cool, but it really just gives scammers another tool to trick people into clicking onto malicious links.
And when I mean malicious, I mean it. Imagine clicking on attachments.zip, and downloading attachments.zip. You wouldn't really bat an eye. But what happened is that you downloaded malware from attachments.zip (a website with the new TLD) and now you're about to run it. YIKES. Google really did make scamming easier.
My grandma definitely losing half of her retirement on this one, big ups google. Maybe subscribe so I can help her get it back.
SOCIALS
-----------------------------------------------------------------------------
Discord Server
/ discord
Twitter
/ notexttospeech
TIMESTAMPS
-----------------------------------------------------------------------------
00:00 - Okay google, don't mess up.
00:25 - SCAM LINKS!
02:16 - Advanced Scam Technique
06:14 - More Phishing Links
08:13 - Why
Always leave it up to the largest multi-billion companies to make the internet a worse place because the ones in charge can't think five minutes ahead
Oh, they can. It's just that they keep looking down the best case timeline where everything goes perfectly and they make all the money.
If google makes this cheap, its gonna cause a lot of havoc
My personal theory is, they want the chaos it will cause (notice how gmail never linked the domains from text including . zip?), They want to create a problem they can then sell the solution to. People are going to want chromes site detection for malicious sites that goes outside of just https cert checking even more now. As well as mistrusting movs for sharing videos, and zips for sharing folders, thus leading to higher youtube and google drive usage...
no way kogasa tartara from the hit game touhou
@@lightningblaze6449 yep u guessed it. It probably just opens up possibilities for big companies to create blockware against this stuff to sell at high prices
If NTTs decide to make more videos that are not related to Discord, I wouldn't mind, this man takes the time to do very well done research.
+1 NTTS gave very solid examples of how they could be abused
Most common NTTS W
@@NoTextToSpeech please keep doing these cybersecurity videos! i had no idea about the new tld’s and didn’t know urls could be exploited with the username:password thing. your videos are really engaging and easy to digest so imo they’re great for educating people about online safety
Agreed. I only watch this channel because it's cybersecurity related so it's nice to see more cybersec related coverage.
i think this is the best idea ever. We definetly need a .exe domain
Sonic.exe
🤣🤣🤣
Don't give google any ideas
YouAreAnIdiot.exe
word.exe
Not sure how Google didn't think this through. They're one of the largest companies in the world, and they can't even afford to consider that this could happen.
Ah you see, being a big corporation means that they can afford to fuck you over, thats all it means at this point in society
The end user should be smarter
@@topshelf5032a good design has to take in consideration people from every age and every range of knowledge
@@topshelf5032 the slash is too sneaky to be detected
But think of all the money they'll make from the scammers (and security professionals trying to protect from scammers)!
As a note, Firefox has an additional protection against this. If you actually try to go the site with the username thing, it'll pop up a warning saying is this the site you really want to go to.
Firefox > Chrome always, unless a site won't work and forces you to use Chromium.
@Deprecated Firefox is an actually great browser tho, I made the switch in January and haven't looked back
@@lesigh3410 this, i've been using firefox as my daily browser since 2020 and the only time i've installed chrome since then was to test something with puppeteer
@Verm Fair enough if you had a bad experience with it, but for me it's been way better than Google ever was.
@@vonKarma1186 I really only use Google now cuz my preferred art program doesn't work as well on Firefox
These people who register these domains to prevent them from being taken by scammers are actually legends (even the rickrolls)
Chaotic good internet dudes being bros.
Specially* the rickrolls
Yeah but how many time they will put money on these domains? 🤷🏻♂️
@@corrompu98 tbh its very cheap and you only pay yearly at least here 😅
@@arcanep I mean, you talk as if he's going to preserve just one.
wouldnt be surprised if google did this on purpose to sell some sort of solution at a later point
It’s funny the fact that lots of companies make new features without (most of the time) thinking about if scammers can take advantages of them or not
They assume people aren't dumb
i bet they do, so they do it and then they sell their own “solution” to the problem they made
With big corporations like this, I think it's safe to assume malice before stupidity, since this had to go through *dozens* of people!
@D.R.M. Mefreji that's dumb of them
@@youlean Yes, agreed
And you wanna know the worst part? Well, apparently this concern was actually brought up, but they decided "naaaah it's fiiiine having just one more tld that no good website would probably use anyway because it's so stupid is deeeefinately worth opening the floodgates for these scams"
Don't you love it when giant corporations ruin themselves
Yes because they know theyre so big no can afford not to use it so they get away with everything
Ruin? You completely got this backwards my man, they are getting EVEN RICHER with this!
Yes I love it.zip
Gotta love it when No Text To Speech uploads! Google loves dissapointing people.
I agree
This is another reason why I left Google for Bing.
@@overshabby k
so did google just say that they want to make mov and zip files go extinct like the com files they were talking about? Google's old motto of "Don't Be Evil" definitely seems like something they left it the past.
No, they didn't.
Can't wait for google to drop their own versions of zip and mov
@@Mathman2028 they probably have a hundred different versions of zip and mov many softwares use different versions of zip to store their own things, so you can probably find some random extension that opens up with 7zip
@@Mathman2028 you mean brotli and vp9?
I wonder how Discord and Google CEOs aren't best buddies, they have some of the best ideas ever!
just wait until google realises discord's getting away with id verification with the bot verification system and go "if they can get away with unnecessary id verification, so can we!"
I love that people are actually sharing this all around, I have heard about this twice on ThioJoe's channel as well as twice on LTT channels
i really wouldn't mind any more videos like these! your discord related videos are of course amazing but I also love these scam videos! they're fun to watch and also educational !! ^_^
This man makes any tech news so interesting
Heard about the .zip URLs, glad to see you're spreading awareness about this. Hopefully browsers or something will have a popup letting people know it MIGHT be suspicious.
Firefox always had that
Well guess who the most popular web browser is owned by, google. The ones who caused this whole thing in the first place
Fr.zip uwu.zip q.zip w.zip e.zip r.zip t.zip y.zip u.zip
I like how i initially started watching this channel to keep myself more aware of scam/spam, but now i'm watching to find funnier ways to troll my friends. Thank you No Text To Speech for giving me good ideas
I'm glad I watch you, it's great to learn something new and also stay safe.
0:54 how tf did that keyboard smashing sync up so well
Google and discord, both never fail to disappoint 🙏
If you'd spend your time actually watching the video instead of writing low-quality commands for absolutely no *ucking reason you'd know that discord actually prevents this scam from happening on their app
@@quinacon I’m aware of it, still discord never fails to disappoint 😮
@@quinacon Pretty sure hes talking about the new discord username system or any other bad updates discord has made, not that discord is letting the .zip thing work as links
@@12a6bobo yea, seriously discord has been making REALLY bad decisions recently and even in the video NTTS said he doesn’t know if this was before or after the .zip came
@@12a6bobo I'm pretty sure he can't watch an 11 minutes video in 2 minutes so he just thought of something stupid to get likes
2:28 YOU ARE PRONOUNCING IT CORRECTLY!!!! CONGRATS!!!!
👍 😂😂😂
Waited for your take on this topic Thanks!
0:48 - This is basically why I hate talking about Minecraft Bedrock Versions because there are so many numbers that it can look like a weird IP Address
thank you from the security community for making this video
I've been watching a whole bunch of these. And I absolutely adore the outro.
Fun fact: Firefox shows a "are you sure you want to log in with username ...? this may be an attempt to trick u" warning before visiting a url with url login
Damn, google is just devious at this point.
Fr
It gets a little... quirky at night
@@fallacy08_shrine pause
@@fallacy08_shrine proof?
@@fallacy08_shrine sussy google
shoutout to the people who bought some of the domains to warn people about these scams and prevent scammers from using them. but they shouldn't have had to do that to begin with, why the fuck did google think this was a good idea 💀
Love the madlad who turned the attachment into a rickroll
Thank you for the explanation at 7:05, I wasn't completely sure how sub-domains work before this - so will definitely be more vigilant.
Who the hell thought this was a good idea, and who the hell approved it? Did they not see the possibility of this? Utter idiocy and incompetence, I swear.
Thanks for bringing more attention to this. it's such a bad idea and I hope it gets changed
yooo spore pfp?
spore pfp = got my respect
childhood flashed before my eyes when i saw that spore pfp
Spore galactic adventures? Let’s go!
One of the main reasons I watch your videos is to be updated with whats been going on. I certanly didn't knew about that "dot zip" and "dot mov" update on google, but I saw your video on my recommended and just ty. If i didn't knew this later on I would just get malware of that. Please continue making videos about this that, even if they aren't about discord. They are important to make because theres a big danger going around with a new method for scams. And thats all I got to say. Continue being an awesome youtuber and all the best. love ya too *kiss* *Kiss*
Congrats on 400k!
Ah yes Google using its infinite wisdom.
I hope they undo the new url domains, cause I really don't want to deal with this and I don't want to have to explain this to people who aren't the wiser when it comes to clicking stuff on the internet
Undo domains is a thing, you don't want to do. What is possible, to don't allow new ones
@@schwingedeshaehers TBF it's at the domain registries' hands, although it might cause some chaos...
@@erikkonstas to disallow new addresses yes, but close everything could be hard
BEEN BIGING THIS FOR LIKE 4HRS NOW I LOVE IT HERE
4:44 But what are they gonna do if steam 2 goes down too ? Valve doesn't know how to count to 3 !
they use v2.1!
Always the big multibillion dollars companies do this, whoever was incharge of this change didn't think if it was a bad decision.
Cause scammers are customers as well. I'm almost confident that this was created with malicious intent! Scammers will use dozens of URLs, which they have to pay for, and _who_ gets that money? *Google!*
The way you end your videos is so cute
Gotta love it when No Text To Speech uploads ❤❤
I'm just glad that SOME people are watching out for the monkey brain idiots by registering URL's that could be scams and making them into warnings instead.
Dont blame the user bruh like if for some reason your cars companies decide to swap the brake with the gas then they are at fault
Google makes profit off both good Samaritans and cyber-criminals. This is what they want.
ah yes, because the "monkey brain idiots" are supposed to know the intricacies of browsers and unicode characters come on mate, it doesn't take a genius to realise that not everyone on the planet knows everything about tech
@@Sunzen44 If people are blind enough to click on random links then they deserve to be scammed.
@@AchillesOnYT jim browning, well known and very respected scambaiter in the scambaiting community, fell for a scam a while ago, you can view more info on that via his "my channel was deleted" video jim browning isn't some random person that doesn't know what he's doing either
Then: Google chrome, the safest way to browse the internet Now: Google chrome, a scammers dream
right, i use microsoft edge
@@liqznaa id rather get scammed then use microsoft edge😂
Firefox is better than Chrome
@@Bleyk and no one use it for some reason
@@Somanybot almost everyone used that, but when chrome came, everyone switched because " *google* chrome"
Discord actually converting the links to the malicious one for you? Wow i would of never expected that, good job on discord
What do you mean? The original link is already malicious. Plus would a domain that had youtube in it be more trustworthy then just fortnitehacks? I think so, which is exactly why it doesnt show the youtube part of it.
Google never fails to disappoint 🔥
Great, now I have to make another internet safety Powerpoint for my grandma!
Phew. Now I can be aware of such scams. Thanks bro 👍
Bruh the double love you at the end makin me feel lonely. Thx ntts
just tested it, opera gx (yes the 739th chromium based browser) does have the nice little feature of subdomain shading that firefox has
I am a somewhat techy guy (I've done coding here and there for fun), so I know how to properly decipher if a domain is gonna be what it says or a virus. But there are a lot of people that would fall for this. My little brother just got a pc recently and this seems like something he'd fall for trying to mod games or something. Not only did Google come up with the worst domains possible, but ICANN had let it pass as well.
google is really dumb as hell for literally adding the ".zip" plus with the @ thing the scam is even more harder to figure it out also google does not disappoint when it comes to Disappointing users
I appreciate all the good people out there who claim the dangerous domains to educate people about online safety
literally learning top tier internet safety from this guy
1:42 your WHAT proposal?
0:24 uhhhh... nice files you have
My dad had those flies
@@BlobyTheBlob15even fortnite rule34?
@@VilactDoesntSayShitYourselfNowwe don’t talk about that
Well damn, i liked to think of myself as a internet veteran but i didn't even know about the @ thing, you learn something new every day i guess.
Yesterday I dreamed you where advertising atlas earth and I have never been more dissapointed. You even made a cover of that one ad.. XD
I wonder what Google, in its infinite wisdom, will add next. .txt? .pdf? .exe?
"a .txt URL is for text-based platforms, like ao3. If you want to let someone know that your website is dedicated to reading or writing text, use a .txt" "a .pdf URL is for viewing-based platforms, if you want someone to see but not edit, use a .pdf" "a .exe URL is for discussing plans. When you need to discuss or plan things over the internet, use a .exe"
BROO I MADE A SUGGESTION ON UR SERVER 6:44 , THERE ARE NEW ROBLOX SCAMMERS EXPLOITING THAT FOR A WHILE NOW
You pronounced Kubernetes completely correctly. That's actually astounding.
6:20 polish domain xD
Polska Gurom!
Polska dotarła
Can't wait for this to backfire and lead to random accounts being terminated for no apparent reason on different platforms. A KZheadr I watch once got strikes against their channel because they did the due diligence of linking to a mod they used in their playthrough of a game. YEARS LATER, that domain gets sniped and links to malware, and the KZheadr is automatically in the firing line for linking dangerous content. This is almost certainly going to lead to random typos and discussions on file types being flagged.
"I said i love you twice because i double love you" is so wholesome omg!!
These cyber criminals are probably like “NOOOO, You ruined my plans to take everyone’s accounts!”
Google & Discord are partners when it comes to disappointing
Someone should sue ICANN for reckless endangerment of property. I mean, come on, it's only a matter of time before bad internet awareness in combination with these new filename-confused TLDs causes companies to start losing major amounts of profits.
5:42 That existed for years... I tried to test the http login system (HTTP Basic Auth for the nerds) out using normal domains this way before but it turned out to work like you just showed.
I can see Web browsers give anti-phishing warnings on “.zip” domains, or even treat all .zip websites as phishing websites.
5:38 It was definitely before, I tried it the day the .zip domain released and it shortened
Yeah same. There's no way Discord would be that fast to respond.
@@natec1 Yup
People usually watch NTTS for cyber security information and discord news. I watch NTTS for the kisses. We are not the same.
he be kissing me
I watch him because
best outro on youtube (i just watched another video before this one)
I was watching this as a web-dev, and I was wondering what was the whole fuss about... Then you reminded me of the @ sign for Basic Auth... oh no...
Imagine someone don’t knowing this guy trying to scam him😂😂… Wait that can be a very funny video😐
so the solution is to use your group policy editor to block all zip domains and you'll be just fine
This does not work if your Windows license is not Professional/Enterprise. I doubt Home/OEM license have policy editor.
@@RyuSei544732 linux user:
@@Somanybot Not all of us are damn tech geniuses okay I look at a laptop wrong and it dies
@@RyuSei544732 it's not like you can't just upgrade your home to pro cheaply lol
@@_lun4r_ "Cheaply"... you know that money feeds some people for weeks right...?
Everyone should know about this by now as you're like 100th youtuber talking about it
As a "Computer hacker man", I can confirm you are pronouncing Kubernetes correctly.
Gmail did something too, if i had 5-10 spam emails a year, now i have 50 a day. Old email, since beta version of gmail pwned via myspace, lastfm and many more but theirs filtering was way better before. Now some spam gets into inbox even ... Great video !
at least you can use nextdns to block all zip domains to avoid getting tricked
Except for everyone that doesnt know that nextdns even exists
@@erroristlagoon1130 at least I'm trying to help spread the existence of the app/software after watching ThioJoe mentioned it to block newly made sites and a recent video about the zip domains
how long will it take for a google employee to fall for a .zip domain scam
I got the google ad talking about how they protect you against malware while watching this 😂
My day is now better because NTTS double loves me now.
1:47 tweeter 💀
my favorite social media website, tweeder
Google made Scamming Easier!
i find it funny how the biggest companies tend to have the worst security, unlike smaller companies
As an indian this video made my day
😂😂
This isnt related to the video but i just love it when he says he loves me at the end of his videos it makes my day better
this was almost guarunteed to be designed to screw over pirates specifically
NoTextToSpeech uploaded a new video 4 minutes ago? Time to get the top comment. potato
you pronounced kubernettes correct
I just learned more about URLs from this video than what my teachers tried to teach me xD
let's goooo new scam lore just dropped
u rlly love me? 🥺❤
yes
No 🥺❤
@@blahaj. ur lying he said he loved me 😭
If I had to guess, these changes are meant to make piracy seem more dangerous than it actually is. By making people scared of .zip and .mov links, less folks are likely to start pirating since these file types are most commonly used (.mov for pirated movies, .zip for pretty much everything else)
Kinda makes sense as twisted as it is
Cool, now we can teach then about torrents.
@@TOTU inb4 .torrent becomes a TLD
@@MasicoreLord then huzzah magnets!
bruh what
The most real thing about this video was the „He doesn‘t hang up, i always have to hang-up myself“ lmao
I got a google chrome ad talking about how chrome protects against malware
discord saves you, but also throws you, You can place the link in a 'code block' and it will not format, like this: ``` Link here ```
People also can't click it then...
“Scamming got buffed” 😂
The r . zip somehow turned into a Heavy and I realize the malware has turned into the spyware, yum yum yum
I like how ntts's best recommendation is an already watched video about the death of AI girlfriends.