A new phishing scam strategy is making rounds on the internet and is targeting companies with websites, threatening them with legal action if they do not take down copyrighted images that the cybercriminals purport to own.

The phishing scam starts by notifying their potential victims that they have gone against the established copyright laws and have published images that belong to the email sender. The email, however, does not identify the said images, and the only information contained in the email is a link to a file for potential victims to download.

Over the few months, companies with websites have continued to receive nearly identical emails, all claiming that there are copyrighted images on these websites that should be taken down. The emails further provide links to external files that are alleged to contain the links to the said images.

The email reads:

“Hello there!
This is Melissa and I am a experienced photographer.
I was baffled, to put it nicely, when I came across my images at your website. If you use a copyrighted image without my approval, you must be aware that you could be sued by the owner.
It’s illicitly to use stolen images and it’s so mean!
Check out this document with the links to my images you used at and my earlier publications to get evidence of my copyrights.
Download it now and check this out for yourself:
If you don’t delete the images mentioned in the document above within the next few days, I’ll write a complaint on you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.
And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.”

Breakdown of the email:

Interestingly, all these emails seem to be originating from people with almost the same name that starts with Mel. For example, the email above was sent by [email protected], while other emails had variations of the name such as Mel, Melinda, Melina, Mellie, etc.

Another thing you notice in the email is the use of threatening language. The language is meant to intimidate their potential victims into acting in fear and rushing to open the link to see what images the email authors are referring to.

The use of legal language such as suing and copyright laws also creates legitimacy of the email sender and paints them as the aggrieved party. For unsuspecting victims, the language is meant to play into their psych and lead them to submit to the threats, leading them to click the links and download the materials attached.

Unfortunately for many victims, the email will be convincing enough and they will end up downloading the attachments and getting compromised.

Do not click the link or download its content

The motive for this phishing scam is to get people scared and click the link. Once the link is clicked, the files will allow the hackers to take control of your device through malware and viruses.

Once your content system has been compromised, cybercriminals can now be able to extort money from their victims through programs such as ransomware. They can also be able to have access to unauthorized content such as your online banking accounts.

In case you receive such an email from people purporting to professional photographers who have noted that your site is using some of their work, do not open the attached links.

When in doubt that the email may have some credence, audit your website to determine if you may have mistakenly used unauthorized images. Also, make sure you do your own research about similar emails to ensure that you have the full picture of what you are dealing with.

If you need further clarification from the email sender, contact them through the email and ask them to send a link to an article with their image. This will also help you determine if the email is genuine or not. In whichever case you plan on dealing with the phishing scam, ensure that the links attached to the email are not clicked to avoid cybercriminals from gaining access to your system.

Phishing scams can certainly feel overwhelming but know that you’re not alone. Partnering with an experienced website company can help protect you and provide the best experience for your users. Contact us today for a free consultation.