Scammers Use Fake Copyright Warnings to Steal Logins and Spread Trojans

Home > Anti-Piracy > DMCA >

It’s no secret that scammers are constantly trying to trick people into downloading malicious content from pirate sites. However, scammers are also targeting people who want to avoid copyright troubles. By sending fake infringement notices, bad actors hope to steal social media credentials and spread trojans.

DangerJust a few weeks ago, we reported how pirates are lured into downloading malware and trojans. However, people who want to avoid copyright troubles are facing similar risks.

As it turns out, fake copyright warnings and takedown notices are commonly used by scammers as well.

These scammers cleverly use the threat that copyright infringement claims pose to recipients. Many website operators fear legal repercussions and are eager to resolve these matters swiftly. Social media users, who risk losing their accounts, are equally concerned.

Fake Twitter Copyright Notices

Just a few days ago, journalist Shayan Sardarizadeh pointed out how scammers are impersonating Twitter support to report fake copyright infringements. If the recipient fails to respond within 48 hours, their account will be suspended, the message claims.

“Copyright infringement was detected in one of the tweets on your account. If you think copyright infringement is wrong, you need to provide feedback. Otherwise, your account will be suspended within 48 hours,” the direct message reads.

twitter copyright scam

This scam isn’t new. In fact, it pops up regularly. In this case, the scammers are phishing for account credentials, which is happening on other social media sites too, including Instagram.

Those who pay careful attention to the language deployed and the username that sent the DM won’t fall for the scam. However, when facing an account suspension, some people may lose sight of these details.

Tareting Blogs and News Sites

A somewhat more elaborate version of this copyright warning scam is targeting individual site operators. In those cases, scammers use contact forms and comment sections to alert blog and news site operators that copyrighted images were posted without permission.

There are several versions of this scam circulating but many use a variant of the following message, which is sent under different names.

My name is Tania.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Take a look at this document with the links to my images you used at and my earlier publications to get the evidence of my copyrights.

Download it right now and check this out for yourself:

—- scammy link —-

I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I seek the removal of the infringing material referenced above. Please take note as a service provider, the Digital Millennium Copyright Act requires you, to remove or disable access to the infringing materials upon receipt of this notice. If you do not cease the use of the aforementioned copyrighted material a lawsuit will be commenced against you.

I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law.

I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

Best regards,
Tania Ortega

Careful readers will notice that there are several mistakes in the notice. However, in their panic, some people may simply read over these errors. Instead, they will click on the Google link where they can download a “Copyright Infringement Evidence” package.

scam copyright infringement package

Needless to say, downloading and running these files will infect people’s computers with all kinds of nastiness. Google takes these links down when they are reported and we couldn’t find a live one. However, Techlicious linked one package to a Ransomware trojan.

The comment and contact form scam appears to be widespread. Numerous site owners have received variations of a similar message over the past few days. While many recognize it as a scam, it’s not hard to imagine that some will fall for it.

All in all, it is safe to conclude that pirates are not the only ones who risk running into malware and trojans. On the contrary, those who want to avoid copyright troubles at all costs are actively targeted as well.


Popular Posts
From 2 Years ago…