Many Clients are Receiving These e-mails. They are a SCAM
By: Scott Gallagher/Vertical Listings
Reports are continuing to come in from all across the internet about scammers who are sending malicious messages to website owners via the contact forms on their website. This phishing email scam aggressively accuses the website owner of using copyrighted images, and encourages them to click a link that supposedly leads to a list of the images that are in violation.Do not click the link!
The writer's name and message varies but claims she/he will file a complaint with the website owner’s hosting company and will sue them for the copyright infringement.
--------------------------------------------------Example 1: Here is an example of an actual phishing email received:Hello there!This is Melanka and I am a certified photographer.I was discouraged, frankly speaking, when I recognised my images at your web-site. If you use a copyrighted image without an owner's approval, you should know that you could be sued by the creator.It's illegitimate to use stolen images and it's so wicked!Take a look at this document with the links to my images you used at [WEBSITE ADDRESS REMOVED] and my earlier publications to obtain the evidence of my legal copyrights.Download it right now and check this out for yourself:[MALICIOUS LINK REMOVED FROM POST FOR SAFETY]If you don't delete the images mentioned in the file above during the next couple of days, I'll file a complaint to your hosting provider letting them know that my copyrights have been severely infringed and I am trying to protect my intellectual property.And if it is not enough, for damn sure I am going to take it to court! And I won't give you a prior notice again.
--------------------------------------------------Example 2: Here is another example with a similar message:
Hello!My name is Robert.
Your website or a website that your company hosts is violating the copyright-protected images owned by me personally.
Check out this doc with the links to my images you utilized at [WEBSITE ADDRESS REMOVED] and my previous publications to obtain the proof of my copyrights.
Download it now and check this out for yourself:[MALICIOUS LINK REMOVED FROM POST FOR SAFETY]I do believe that you intentionally infringed my rights under 17 U.S.C. Sec. 101 et seq. and could possibly be liable for statutory damage of up to $150,000 as set-forth in Section 504 (c) (2) of the Digital millennium copyright act (”DMCA”) therein.
This letter is official notification. I demand the removal of the infringing materials described above. Please take note as a service provider, the DMCA requires you, to eliminate and/or disable access to the infringing content upon receipt of this notification letter. In case you don't stop the utilization of the aforementioned infringing content a court action will likely be started against you.
I do have a strong faith belief that utilization of the copyrighted materials mentioned above as presumably violating is not approved by the legal copyright proprietor, its agent, or the legislation.
I swear, under consequence of perjury, that the information in this letter is correct and that I am currently the copyright owner or am certified to act on behalf of the proprietor of an exclusive right that is allegedly infringed.
--------------------------------------------------About the scammer:
The scammer uses different aliases and claims to be from the following professions:
- Professional Photographer
- Licensed Photographer
- Experienced photographer and illustrator
- Qualified illustrator
The sender is going by different names similar which include but not limited to:
We have found the scammer is using different fake email addresses, fake phone numbers, and multiple variations of a last name.The goal of this phishing scam
While the end goal remains unclear, the contents of the phishing email attempts to create fear in hope the website owner will click the malicious link that leads them to a file download. This is common in most phishing emails. If the file download is clicked, the scammer can potentially seize control of the website owner’s computer and hold it for ransom. The scammer could also access and compromise personal accounts such as email or bank accounts, and inject viruses into the machine (if your device is not protected by sufficient antivirus software).How you can spot a phishing email
There are several common practices that crooks use in their malicious emails. Here are a few that might help you more quickly identify shady business:
Ways to protect yourself against phishing scams
Grammar and spelling. The incorrect spelling of a simple word such as "web-site" is a red flag.
View the true URL (but DO NOT click it). Phishing scams will attempt to hide the URL behind text. Hover over the URL to see the true destination of the link.
Unsolicited attachments. Never click or download an unsolicited email attachment.
Intimidation tactics. The dual threat of contacting the website owner’s hosting company while taking legal action, is meant to intimidate and trick the email recipient into clicking the malicious link.
Phishing scams might catch you or your client by surprise, and sometimes people click the malicious link before they even suspect anything is amiss.
Use security software. Set the software to update automatically so it is ready to deal with new threats.
Set mobile phone software to update automatically. These updates often contain vital security protection against newly detected scams.
Use multi-factor authentication. The additional credentials will make it harder for scammers to access your private accounts if they do get your login credentials.
Backup your data. Copy the files to an external hard drive or use cloud storage to ensure backups aren’t stored on your home network.
Don't share any personal info. Many phishing scams will prompt you to share personal data including login credentials. Don't click on any links or download attachments from any suspicious email.
Slow down - read carefully. You probably have lots of emails in your inbox every day, and speeding through them might be a part of your productivity efforts. Taking even a few extra few seconds on emails could give you the time you need to assess their validity before click on their contents.