Criminals Target Megaupload Users With Fake Settlement Demands

Home > Anti-Piracy >

Criminals are attempting to extort Internet users by claiming there could be financial implications for those who used file-sharing site Megaupload for infringing activities. For the past several days a fake law firm claiming to act on behalf of entertainment companies such as Universal, Sony, EMI and Paramount has been claiming cash settlements from innocent victims.

Schemes which require alleged copyright infringers to pay cash settlements to make lawsuits disappear are nothing new.

Those describing these revenue-generating projects often do so using the word ‘scam’, but while the schemes are questionable, in many cases the companies carrying them out are genuine rightsholders supported by real lawfirms.

Over the past couple of days a pair of cast-iron scams have been targeting file-sharers, one mimicking the model used by so-called ‘pay-up-or-else’ lawfirms and another with a more technical approach.

The first targets users of the now-defunct cyberlocker service Megaupload. Playing on the fears of people who may have used the site for infringing purposes, the documents supporting the scam claim to be from legitimate-sounding German lawfirm “Dr. Kroner & Kollegen” of Munich.

As can be seen from the screenshot below, the fake lawfirm claims to be acting on behalf of rightsholders such as Universal, Sony, EMI, Warner and Dreamworks.


Supported by fake IP addresses and timestamps, the scam ‘lawfirm’ lays out its case. Since the user has downloaded unauthorized copyrighted material from Megaupload they are now liable for fines of 10,000 euros should the case not be dealt with effectively. But for a payment of just 147 euros the whole thing can be made to go away.

Other suspicious elements aside, no specific copyright works are named and the claim is missing the usual ‘cease and desist’ element common to these schemes. Furthermore, according to a OnlineKosten, any cash payments made would end up at an address in Slovakia.

Separately, GVU, an anti-piracy group responsible for the takedown of many file-sharing sites, has been targeted in a more sophisticated scam. According to the group, which was central to the huge operation that closed down last year, a piece of malware is doing the rounds which tries to scam file-sharers out of cash settlements using GVU’s name.


As can be seen from the screenshot above, infected users find their browsers hijacked and redirected to a page which displays a warning, claiming to be from GVU, that the computer in question has been detected sharing copyright works.

In a clear indication that this is definitely a scam, settlement of just 50 euros is requested via PaySafeCard to make a potential claim go away.

“The sender of this message is not GVU and we clearly distance ourselves from such criminal activities,” the anti-piracy group said in a statement.


Popular Posts
From 2 Years ago…