Over the past several months, w/ increasing frequency, we’ve seen emails from a malicious scammer named Mel (“Mellie”, “Melina”, “Melika”, and “Meleana”, et. al.) filling out a client’s website form, and very aggressively claiming copyright infringement.
The email arrives via your website contact form and accuses you of using copyrighted website images and tells you to click on a link to see the list of the images that are in violation. (DON’T CLICK THE LINK) The writer threatens to file a complaint with your hosting company and sue you.
The scam phishing email goes something like this…
This is Mellie [insert various names] and I am a qualified illustrator [insert various professions].
I was baffled, frankly speaking, when I came across my images at your website. If you use a copyrighted image without my approval, you need to be aware that you could be sued by the owner.
It’s illegal to use stolen images and it’s so nasty!
Take a look at this document with the links to my images you used at [website URL] and my earlier publications to obtain evidence of my copyrights.
Download it now and check this out for yourself:[Redacted link to the phishing site]
If you don’t delete the images mentioned in the document above within the next several days, I’ll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.
And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.
The scammer is claiming to be a…
- Professional Photographer
- Licensed Photographer
- Experienced photographer and illustrator
- Qualified illustrator
And is going by various names, such as…
The scammer uses different fake email addresses, fake phone numbers and variations on the ‘business’ name, as well.
What is the Goal of this Phishing Scam?
The end goal of the scam isn’t clear, but the immediate goal is to scare you and get you to click the link.
Clicking the link may take you to a file download or a website that may allow the hacker to seize control of your device (if your device is not protected by sufficient antivirus software to block it). It may take you to a phishing page asking you to enter more information, which you should never do.
This miscreant hacker may then be able to do one of the following:
- Hold your device hostage demanding a ransom
- Exploit having access to your machine to compromise your other accounts like email or banking
- Inject worms/viruses that infect your machine and use it to launch attacks against others
Remember to click ONLY on links that you trust from sources that you trust. Feel free to share this information with others.