A recent viral trend circulating on social media—promising a “Pinay Gold Medalist” video featuring a woman named Zyan Cabrera—has been exposed as a sophisticated cybercrime scam designed to steal personal information and install malware on unsuspecting users’ devices. Despite widespread curiosity, there is no such video, no Olympic gold medalist named Zyan Cabrera, and no scandalous leak. Instead, this is a carefully orchestrated SEO poisoning attack that exploits trending keywords related to the upcoming 2026 Winter Olympics to lure millions into clicking malicious links. This article unpacks how this scam operates, the dangers it poses, and practical steps you can take to protect yourself.
### Who is Zyan Cabrera? Debunking the Myth
First and foremost, it is important to clarify that Zyan Cabrera is not an Olympic athlete nor a gold medalist. The name belongs to a Filipino social media content creator known for dancing, lip-syncing, and everyday lifestyle videos under the online moniker Jerriel Cry4zee. The claim of a “Pinay Gold Medalist” video is entirely fabricated, created to deceive users into clicking dangerous links. There is no leaked video, no private footage, and no scandal surrounding this individual. The viral posts promising such content are part of a malicious campaign preying on people’s curiosity and the hype surrounding the Winter Olympics.
### Understanding the Scam: What is SEO Poisoning?
At the core of this cybercrime is a technique called SEO poisoning. SEO, or Search Engine Optimization, is normally used by websites to improve their visibility on search engines by using popular keywords. Cybercriminals abuse this concept by attaching high-traffic, trending keywords—such as “Winter Olympics,” “Gold Medalist,” or popular creator names—to malicious links. This manipulation enables their posts and links to appear prominently in search results and social media feeds, bypassing spam filters and moderation systems.
In the case of the “Pinay Gold Medalist” scam, the criminals have flooded platforms such as TikTok, Facebook, and X (formerly Twitter) with numerous posts linking to fake videos. Even if one post is taken down, dozens more quickly replace it, making it difficult for platforms to keep up. The result is a widespread, persistent presence of malicious links that appear legitimate and relevant to trending topics, enticing users to click.
### How the Scam Works: What Happens When You Click
The scam begins when a user encounters a viral post—often a low-quality video clip claiming to show the so-called “Pinay Gold Medalist” in a private or scandalous moment. Clicking the link does not lead to a legitimate video but instead directs the user to a fake streaming site. These sites are hastily built to mimic well-known platforms like Google Drive or popular video-sharing services, making them look authentic at first glance.
Once on the fake site, users encounter deceptive “play” buttons. Clicking these buttons usually causes the page to reload repeatedly, all the while silently capturing the user’s IP address and device fingerprint. The device fingerprint includes detailed information about the user’s browser, operating system, device model, location, and connection type. This data is extremely valuable to cybercriminals.
Users may then be bounced through several redirects—each new URL collecting more data about the user and their device. Eventually, the site prompts users to “verify” their age or “unlock” the video by taking actions such as allowing browser notifications, logging in to Facebook or other platforms for supposed age verification, or installing browser extensions.
This is the critical point where the risk of malware infection escalates sharply. By following these prompts, users may unknowingly download trojans, spyware, or keyloggers onto their devices. These malicious programs can steal sensitive information such as passwords, hijack active browser sessions, capture keystrokes (including banking credentials), and even spread to other devices connected to the same network.
### The Aftermath: What Happens to Your Data?
Many people underestimate the risk of having their IP address and device information stolen, but this data is far from harmless. Cybercriminals aggregate and sell IP addresses combined with behavioral data and timestamps on dark web marketplaces. These databases are segmented by location, mobile carrier, and device type, making them valuable to spammers, fraudsters, and operators of botnets—networks of infected computers used for large-scale attacks.
When combined with other leaked or breached data—such as old email addresses, passwords, or