Copyright Image Scam Could Crush Your Company
When a business owner opens an email to read the words, “I came across my images at your website. If you use a copyrighted image without my permission, you need to be aware that you could be sued…” they may break into a nervous sweat. That was exactly what Singing Dog Vanilla co-founder, Marty Parisien, did when he first saw those words. But after reading the threat again he realized that something wasn’t right. The grammar and tone of the note just didn’t seem normal. Not to mention that he was sure that all images on their site were used with permission. Marty decided to contact IT services company, Electro Systems Engineers, Inc. (www.esei.com) of El Paso, Texas just to make sure before he clicked on any links in the email.
“As soon as I saw the email, I knew it was a new scam” says ESEI founder Antonio Rico. “Not only were there a couple of grammar mistakes, but they wanted the recipient to click on a link to a shared drive in order to identify the images in question.” Scams have moved beyond trying to get people to send money to a Nigerian Prince. They are getting better at pushing at an emotional button that will cause the recipient to react and click on the link before they have time to process that they have just introduced malware into their system.
These types of scam e-mails are crafted to cause the target to click on a link which will encrypt their data. Later, the scammers will ask the user for ransom monies in order to release the data. Unfortunately, in most cases, ransom monies are paid and the scammers don’t keep up their end of the bargain.
Lucky for Singing Dog Vanilla, there were some tell-tale signs that helped ESEI identify that it was a phishing scam. Here is the full text of the email:
This is Melissa and I am a qualified photographer and illustrator.
I was baffled, to put it nicely, when I came across my images at your website. If you use a copyrighted image without my permission, you need to be aware that you could be sued by the copyrigh owner.
It’s illicitly to use stolen images and it’s so disgusting!
Check out this document with the links to my images you used at www.singingdogvanilla.com and my earlier publications to get evidence of my copyrights.
Download it now and check this out for yourself:
If you don’t remove the images mentioned in the document above within the next several days, I’ll write a complaint on you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.
And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.
Notice the clues to the malicious intent of the email.
- Generic greetings. Most phishing e-mails are not addressed to anyone in particular. In Marty’s case, the e-mail was addressed to “Hi There:”
- Poor grammar. Most phishing e-mails are poorly written: “Illicitly” is used incorrectly.
- Sender’s e-mail address. Always look for the sender’s e-mail; you will be surprised to find they come from a different person.
- Urgent or demanding actions. Most phishing e-mails demand a response or to click on a link, or else action will be taken against you.
- Carefully check all links. Avoid clicking on links to documents and/or unsecured websites provided in the body of the e-mail until you have confirmed the e-mail is legitimate; not doing this could result in a virus infecting your computer.
- Check the validity of attachments. Similarly, make sure that attachments are meant for you. If you are not in Accounts Payable, do not open an attachment titled “Invoice”; if you are, check that the sender is someone you actually do business with.
ESEI recommends using spam filters and training to reduce the amount of malicious e-mails.