A new scam targeting website owners threatens legal action for alleged copyright infringement. The scammer claims they own images displayed on the site, and that the site is infringing on their copyright. The scammer instructs victims to click a link where they can see which images supposedly infringe on the scammer’s copyright. That link either leads to a phishing site where victims are tricked into handing over money or information, or it downloads malware.
We spotted this scam on Comparitech when it was posted in the comments section of an article:
Hi there!
This is Melanka and I am a licensed illustrator.
I was puzzled, putting it lightly, when I came across my images at your web-site. If you use a copyrighted image without an owner’s license, you’d better know that you could be sued by the copyright holder.
It’s illegitimate to use stolen images and it’s so wicked!
Take a look at this document with the links to my images you used at www.comparitech.com and my earlier publications to get the evidence of my legal copyrights.
Download it right now and check this out for yourself:
https://sites.google.com/view/REDACTED/drive/folders/storage/shared/download?fileID=REDACTED
If you don’t delete the images mentioned in the document above within the next few days, I’ll file a complaint against you to your hosting provider stating that my copyrights have been severely infringed and I am trying to protect my intellectual property.
And if it doesn’t work, for damn sure I am going to take it to court! And you won’t receive the second notice from me.
We didn’t click the link. If you encounter a similar message, we strongly recommend you do the same and mark the email or comment as spam.
What should I do if I’ve clicked on a malicious link?
First off, try not to panic. Begin by disconnecting your computer from the internet. This will stop anyone from controlling your device remotely or monitoring your activities. The next step is to run an antivirus scan to get rid of any malicious software that might have been installed. We recommend TotalAV and Norton Security. These services are reputable, affordable, and great at detecting common types of malware. Better still, each has a money-back guarantee so you can try it risk-free.
Next, it’s time to change your passwords. Generally, scammers aim for online banking services, PayPal, or Venmo, so start with financial platforms first. We’d also suggest letting these services know you’ve been scammed so they can keep an eye out for suspicious activity on your behalf. You may also want to start using a password manager to make sure that one compromized password doesn’t grant access to multiple accounts.
Finally, consider brushing up on a few cybersecurity fundamentals like how to spot online scams, keeping youself safe with free privacy tools, and avoiding the most common security pitfalls.
Signs of a scam
So how do we know this is a scam? Because there are no copyrighted images in that article. The images were either made by us or are screenshots of a Facebook Messenger conversation. Furthermore, Comparitech never knowingly uses copyrighted images without permission. We usually rely on our own images, public domain images, or images with a Creative Commons license. But it’s easy to see how a website owner who is lax about using copyrighted images might get tricked by this scam.
What are the other signs that this is a scam? Let’s take a closer look, line by line:
- Melanka doesn’t have a last name. Suspicious. Notably, on occasions where this scam has appeared elsewhere, the scammer uses a similar alias, such as Mel, Melinda, or Melissa.
- Melanka claims to be a licensed illustrator. While illustrations can be licensed by an illustrator, illustrators themselves do not require licenses. Similar scammers pose as photographers.
- The link provided downloads a file. Although that doesn’t necessarily mean it’s a scam, it’s wise to avoid clicking unverified links, especially ones that can download files to your device. There’s a good chance malware is implanted in the download.
- The scammer makes a time-sensitive threat. This is a hallmark of almost all scams: the scammer tries to instill a sense of urgency in the victim. This can force victims to make decisions without fully thinking them through.
- This is a comment on an article on our website. It’s not hard to contact us directly. No legitimate legal threat would be put in a comment. It’s worth noting that other victims have seen this scam come directly through email.
What’s the goal of this scam?
If we were to fall for the ploy and click on the link, what would happen? There are a few possibilities:
- The link could download malware onto your device. Malware can give the attacker access to your device, steal information, add your device to a botnet, encrypt files for a ransom, or spy on your activity, among other attacks. Given that the link supposedly downloads a document, an MS Office macro attack seems likely.
- The link could go to a phishing page that looks like a legitimate website. If the victim enters payment or login information, it goes straight to the attacker.
The attack might well be automated, scanning websites for specific elements such as comment and contact forms, and sending threats like the one above without any further input from the instigator. Automated attacks can target dozens or hundreds of sites at a time, and that would explain why the attack varies so little from site to site.
What if it’s real?
If you have used copyrighted images without permission, either get permission or replace them with images that do not require attribution or permission. Simply removing the offending content should be enough to satisfy the real copyright holder.
Copyright trolls are a real thing. They hunt down unlicensed content and threaten legal action against copyright infringers—usually software and media pirates. They often send settlement letters demanding payment in order to avoid going to court. These are usually hollow threats, but not always.
If you don’t have any copyrighted images or other content on your site that you’re using without permission, then you have nothing to worry about and can safely ignore the threat.