Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | REVIEW: RadMission 1 eBike

author photo

Fake Copyright Infringement Warnings Used to Spread Ransomware

by on May 12, 2021
in News, Computers and Software, Computer Safety & Support, Blog :: 326 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

Recently, Techlicious received a handful of posts in our comment section claiming that one of our images is violating copyright. We take copyright very seriously, so these posts immediately got my attention. But what I discovered could have actually been much worse – there was no copyright issue, it was all a ruse to trick us into installing a ransomware trojan that could have significantly disrupted our business.

Fortunately, I'm very familiar with how to recognize malware and scams, in general. But it would be easy for someone who isn't technically sophisticated to be fooled by these hackers and put their company's systems at risk.

Here are a couple of examples of the posts we received in the Techlicious comments [with Google Site URL removed]:

Hi!

My name is Jessica.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Check out this document with the links to my images you used at www.techlicious.com and my earlier publications to get the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/[redacted]

I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I seek the removal of the infringing material referenced above. Please take note as a service provider, the Digital Millennium Copyright Act requires you, to remove or disable access to the infringing materials upon receipt of this notice. If you do not cease the use of the aforementioned copyrighted material a lawsuit will be commenced against you.

I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law.

I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

Best regards,
Jessica Martin

and

Hi there!

This is Melangelle and I am a qualified photographer and illustrator.

I was baffled, to put it nicely, when I came across my images at your website. If you use a copyrighted image without an owner's permission, you must know that you could be sued by the owner.

It's not legal to use stolen images and it's so mean!

Check out this document with the links to my images you used at www.techlicious.com and my earlier publications to obtain the evidence of my legal copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/[redacted]

If you don't delete the images mentioned in the file above during the next several days, I'll file a to your hosting provider letting them know that my copyrights have been severely infringed and I am trying to protect my intellectual property. 

And if it doesn't help, trust me I am going to take it to court! And I won't give you a prior notice again.

On first blush, that sounds pretty scary and is likely to get many site owners to click on the link to learn more about the details of the accusation. When you do, you will be served a webpage with a link to file with your "copyright infringement evidence."

Scam page showing File 'Copyright Infringement Evidence' is ready for downloadYour download should begin automatically. Didn’t work? Try downloading again. Download my file

In the version of the scam we received, the download is a .zip file containing a javascript (.js) file called "Copyright Infringement Evidence.js". I ran the file through Virus Total and it came back as a backdoor trojan – identified as js.Trojan.Cryxos.5779 and JS/Kryptik.BXN – that can be used to install ransomware and other malicious programs. Only 8 of the 61 malware scanning engines in Virus Total picked this up (BitDefender, Emsisoft, eScan, ESET-NOD32, FireEye, GData, MAX, NANO-Antivirus), meaning it currently has a high chance of slipping through most antimalware protection.

Screenshot of Virus Total results from scanning the Copyright Infringement Evidence.zip file showing only 8 of 61 scanning engines recognizing the ransomware: BitDefender, Emsisoft, eScan, ESET-NOD32, FireEye, GData, MAX, NANO-Antivirus

[EDITOR'S NOTE 8/12/2021: recent versions of this attack sent in by users are even more effective at evading antimalware protection. One sample was only picked up by a single vendor, NANO-Antivirus, a Russian-based antimalware organization, as Trojan.Script.Heuristic-js.iacgm. See: https://www.virustotal.com/gui/file/f2eeebca7c5d232cb4dce3698339a587ae6dc7cc98906d86573fe09a196ed95e/detection]

While this ransomware attack was directed against Techlicious through site comments, I can easily see the same attack method being attempted through email [EDITOR'S NOTE 5/13/21: readers are reporting in the comments below that the hackers are submitting these attacks through site Contact Us forms, as well.]. So it's an important reminder to be especially cautious when downloading any files from unknown third-parties or sites, and never try to open any file with an extension of .js or .exe unless you know exactly what it is and where it came from. To learn more, read our 5 tips to protect yourself against ransomware. You can also report the malware page to Google's malware reporting tool.

If you've received a similar message (on your site or via email), please post in the comments below [with the malware URL and any contact information redacted] so others will find it when doing a Google search and avoid the risk of having their systems compromised.

[Updated 5/25/2021 with information on Google malware reporting]

[Image credit: Smartphone on keyboard via BigStock Photo, screenshots via Techlicious]

Josh Kirschner is the co-founder of Techlicious and has been covering consumer tech for more than a decade. Before founding Techlicious, he was the Chief Marketing Officer for Inform Technologies, a start-up provider of semantic technology to media companies. Prior to Inform, Josh was a SVP and Managing Director in the financial services industry. Josh started his first company while still in college, a consumer electronics retailer focused on students.



Discussion loading

Got the same message on our company contact form

From Diana on May 20, 2021 :: 2:46 pm

Thanks for posting about this and getting the word out! We got the same message on our company contact form, just different name:

———————————————————————-


Hello there!

My name is Candice.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Check out this document with the links to my images you used at www.(ourwebsite).com and my earlier publications to obtain the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/b4bvj2903n-vk1fgne3/drive/folders/shared/1/download?l=[redacted]

I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I seek the removal of the infringing material referenced above. Please take note as a service provider, the Digital Millennium Copyright Act requires you, to remove or disable access to the infringing materials upon receipt of this notice. If you do not cease the use of the aforementioned copyrighted material a lawsuit will be commenced against you.

I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law.

I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.


Best regards,
Candice Nelson

05/20/2021
————————————

Contact info put in:
What’s your name?
    Candice
Contact email?
    [redacted]
Contact phone number?
    [redacted]

The IP address used was 68.13.178.190
Hostname: ip68-13-178-190.om.om.cox.net


I tried calling the number (blocked my own) and it went to a voicemail.

Reply

Phone and email are fakes

From Josh Kirschner on May 21, 2021 :: 9:09 am

I’m sure these guys are using stolen/fake emails and fake numbers, so there’s no point reaching out to them. The whole goal is simply to get you to download and click that malware file.

Reply

Does it help to contact legitimate emails?

From anon on May 27, 2021 :: 10:44 pm

If you can find a real entity with the same email, does it make sense to contact them and suggest that they make sure their website/email has not been hacked and to clean that up and harden their systems? Wouldn’t help spoofing but would it help otherwise?

Reply

That might be difficult

From Josh Kirschner on May 28, 2021 :: 4:02 pm

Many of these emails are coming through Yahoo or Gmail. Others appear to be from stolen/hacked accounts. So I don’t think there is much opportunity to address this via the sender URL.

DMCA Message from FB - Fake?

From Rekha on May 20, 2021 :: 9:39 pm

I received this today. Sender is FB. There’s a “Facebook” logo in the mail. It looks different from the messages shared here. So I’m wondering. They haven’t referenced any image. There’s no way I have infringed on someone’s copyright, that’s for sure. The message reads:

Dear Rekha Photography (info@rekhaphotography.com)
Recently, another community member opened a copyright claim regarding one of the images used for your posts/campaigns. We have reviewed the case and decided you need to remove this image from your posts/campaigns. This decision is final and cannot be reversed.
Under DMCA regulations, we will auto-remove the image and close your page within 7 days if no action is taken.

Press Here to Remove Image

Reply

Yes Fake

From Mark on May 20, 2021 :: 11:41 pm

Rekha - I received that one, as well. Exact same text. It’s fake. If it was real, the link would go to some facebook server. But the link on the one I received was to some info tech website in Belgium.

Reply

Definitely fake

From Josh Kirschner on May 21, 2021 :: 9:18 am

A logo in the email means nothing - it’s just a different spin on the scam. If you look carefully at the sender, it either didn’t come from Facebook, was spoofed to make it look like it came from Facebook, or was sent from an individuals stolen Facebook account (here’s how to tell if an email has been spoofed). And as Mark says, if it links to a non-Facebook URL, that’s a dead giveaway.

What isn’t clear from your message is whether this was an attempt to install malware or an attempt to phish your Facebook credentials. If either of you clicked the link (and I’m not suggesting you do so), was scam was being run with this message?

Just as background, the language in the email you received doesn’t correspond with how Facebook actually handles DMCA issues. Here is Facebook’s actual copyright policy and process.

Reply

Fraud

From megan on May 24, 2021 :: 4:42 pm

Hello!

My name is Megan.

Your website or a website that your company hosts is infringing on a copyright protected images owned by myself.

Take a look at this report with the URLs to my images you used at www.yourhairmob.com and my earlier publication to find the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/b94n1lf30-3b52n2lq/drive/d/shared/file/download?ID=[redacted]

I do think you have willfully violated my rights under 17 U.S.C. Section 101 et seq. and can be liable for statutory damage of up to $120,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This message is official notification. I demand the elimination of the infringing materials mentioned above. Please be aware as a company, the Digital Millennium Copyright Act demands you, to remove or/and disable access to the copyrighted data upon receipt of this particular notice. In case you do not cease the use of the above mentioned copyrighted content a lawsuit will likely be started against you.

I do have a good belief that utilization of the copyrighted materials mentioned above as presumably violating is not authorized by the copyright proprietor, its agent, or the law.

I declare, under consequence of perjury, that the information in the letter is accurate and that I am currently the legal copyright owner or am certified to act on behalf of the proprietor of an exclusive right that is presumably infringed.


Best regards,
Megan Johnson

Reply

Fraud

From Cheryl Bartlett on August 19, 2021 :: 12:57 pm

We received that same email on July 1st.

Reply

Phishing scam email copied and pasted

From SB on May 24, 2021 :: 8:05 pm

Sent via form submission from Sara Boulter Photography

Name: Kim Wentz

Email: [redacted]

Subject: Attention: sara-boulter-7mcb.squarespace.com DMCA Copyright Infringement Notification

Message: Hello!

My name is Kim.

Your website or a website that your organization hosts is violating the copyrighted images owned by me personally.

Take a look at this doc with the URLs to my images you used at sara-boulter-7mcb.squarespace.com and my previous publication to obtain the proof of my copyrights.

Download it now and check this out for yourself:

{LINK REMOVED}

I think that you intentionally infringed my rights under 17 USC Sec. 101 et seq. and can be liable for statutory damage of up to $130,000 as set-forth in Sec. 504(c)(2) of the Digital millennium copyright act (”DMCA”) therein.

This message is official notification. I demand the removal of the infringing materials referenced above. Take note as a service provider, the Dmca requires you, to eliminate or disable access to the copyrighted materials upon receipt of this particular letter. In case you don’t stop the utilization of the aforementioned copyrighted content a legal action can be commenced against you.

I have a strong faith belief that utilization of the copyrighted materials mentioned above as presumably infringing is not authorized by the legal copyright proprietor, its legal agent, as well as laws.

I swear, under consequence of perjury, that the information in the notification is accurate and that I am the legal copyright owner or am permitted to act on behalf of the owner of an exclusive and legal right that is presumably violated.


Sincerely,
Kim Wentz

Reply

Now its $130,000

From Amanda Chappell on June 15, 2021 :: 12:52 pm

And they send it to companies in the UK and don’t bother to update the language to reflect that.
I’ve got in on a few of the sites I manage.
I love it when the email they send is a hotmail one.

Reply

Wow thanks for this article just got one of these today!

From Alison on May 24, 2021 :: 9:29 pm

This was very scary and I *almost* clicked on the link!! Thankfully I had the good sense to google “Dmca scams” and came across your article. I’m assuming since it’s nearly identical to the others posted here it too is a scam. Any tips on how to recognize a real Dmca for sure? What should we look for to be sure it’s real? I’d hate to fall for a differently worded scam OR ignore a real unintentional copyright infringement. Thanks again.
From: Courtney <[email address redacted].com>
Subject: ! Dmca Copyright Infringement Notice

Message Body:
Hi there!

My name is Courtney.

Your website or a website that your company hosts is violating the copyrighted images owned by myself.

Take a look at this document with the hyperlinks to my images you used at *****************and my earlier publication to get the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/b94k3lf03j-3njb2nf51/drive/d/shared/file/download?fileID=[redacted]
I think that you intentionally violated my rights under 17 U.S.C. Section 101 et seq. and can be liable for statutory damage as high as $130,000 as set forth in Section 504 (c) (2) of the Digital millennium copyright act (DMCA) therein.

This message is official notice. I seek the elimination of the infringing materials mentioned above. Please be aware as a service provider, the Dmca demands you, to eliminate and/or disable access to the infringing content upon receipt of this notice. In case you don’t cease the use of the previously mentioned copyrighted content a law suit can be commenced against you.

I have a strong faith belief that utilization of the copyrighted materials mentioned above as allegedly violating is not authorized by the legal copyright owner, its agent, or the laws.

I swear, under consequence of perjury, that the information in this notification is accurate and that I am the copyright proprietor or am authorized to act on behalf of the owner of an exclusive and legal right that is allegedly infringed.


Best regards,
Courtney Stevenson

Reply

Real complaint would not have you download a file

From Josh Kirschner on May 25, 2021 :: 9:54 am

A real complaint would almost certainly specify the name of the file and the URL where it is found in the complaint (it wouldn’t have you download a file from Google Sites). And if someone did want to put the info in a file for whatever reason, they wouldn’t share via Google Sites - that’s just weird. But the key clue here is the file itself - that javascript extension is a giant flashing warning sign that this isn’t legit.

Reply

Suspect Scam

From Gwen Yap on May 24, 2021 :: 11:06 pm

Title   Ms.
Name   Nicole
Last Name   Harris
Country   Kazakhstan
State   New York
City   Manhattan
Phone Number   [redacted]
Email   [redacted]

Subject   Attention: www.columbiaasia.com DMCA Copyright Infringement Notice

Hello there!

My name is Nicole.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Take a look at this document with the links to my images you used at www.columbiaasia.com and my earlier publications to get the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/83vdhbckjksdfgh3/drive/storage/w/files/download?l=[redacted]

I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I seek the removal of the infringing material referenced above. Please take note as a service provider, the Digital Millennium Copyright Act requires you, to remove or disable access to the infringing materials upon receipt of this notice. If you do not cease the use of the aforementioned copyrighted material a lawsuit will be commenced against you.

I have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the copyright owner, its agent, or the law.

I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.


Best regards,
Nicole Harris

05/17/2021

Reply

Another DMCA Scam Email

From S on May 25, 2021 :: 12:44 am

Got a version of this scam just now. I know I have the rights to any images I used on my site that were not personally taken by me.

—————

Sent via form submission from [redacted]

Name: Michelle Haferkamp

Email: [redacted]

Subject: Attention: www.[redacted].com Dmca Copyright Violation Notification

Message: Hello!

My name is Michelle.

Your website or a website that your company hosts is infringing on a copyright protected images owned by me personally.

Take a look at this doc with the URLs to my images you used at www.[redacted].com and my previous publications to obtain the proof of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/b94k3lf03j-3njb2nf51/drive/d/shared/file/download?h=[redacted]

I really believe you have intentionally violated my legal rights under 17 USC Section 101 et seq. and can be liable for statutory damages of up to $120,000 as set-forth in Section 504 (c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This message is official notification. I seek the removal of the infringing materials described above. Please be aware as a company, the DMCA demands you, to eliminate and/or deactivate access to the copyrighted data upon receipt of this notice. In case you don’t stop the use of the above mentioned infringing content a law suit will likely be initiated against you.

I have a good self-belief that utilization of the copyrighted materials referenced above as presumably infringing is not authorized by the copyright proprietor, its agent, as well as legislation.

I swear, under penalty of perjury, that the information in the notification is correct and that I am the legal copyright owner or am permitted to act on behalf of the proprietor of an exclusive right that is presumably infringed.


Regards,
Michelle Haferkamp

Reply

It's a fake!

From John on May 25, 2021 :: 9:21 am

Hello there!

My name is Lisa.

Your website or a website that your company hosts is violating the copyright-protected images owned by myself.

Check out this document with the hyperlinks to my images you utilized at www.pressherald.com and my earlier publications to obtain the proof of my copyrights.

Download it right now and check this out for yourself:

I think you’ve deliberately violated my rights under 17 USC Sec. 101 et seq. and could possibly be liable for statutory damages as high as $110,000 as set-forth in Sec. 504 (c)(2) of the Digital millennium copyright act (”DMCA”) therein.

This letter is official notification. I demand the removal of the infringing materials described above. Please take note as a service provider, the Digital Millennium Copyright Act demands you, to remove or terminate access to the infringing materials upon receipt of this notification letter. If you don’t cease the utilization of the aforementioned infringing content a law suit will likely be commenced against you.

I do have a good self-belief that utilization of the copyrighted materials referenced above as presumably violating is not authorized by the legal copyright owner, its agent, as well as law.

I declare, under penalty of perjury, that the information in this message is accurate and that I am currently the legal copyright proprietor or am authorized to act on behalf of the proprietor of an exclusive and legal right that is presumably infringed.


Best regards,
Lisa Jones

Reply

2 Copyright Scam Emails - From X Studio - Link to Google

From Scott Dine on May 25, 2021 :: 9:29 am

I have a marketing company and started getting these emails a couple days ago (May 23, 2021). At first look, they do look legit and had come through my website contact form.

After reading it twice and realizing there were no specific details, just links to what looked like a Google Drive, I got suspicious and decided it was SPAM.

Hope this info helps someone.

Here are some of the links I received from:

* Amanda Jones, [redacted], https://sites.google.com/view/b03jvn560-3nmvbe2/drv/files/0/share/download?l=[redacted]

* Carrie Green, [redacted], https://sites.google.com/view/h04nvk3fk1-fnf5l20/drive/d/shared/file/download?f=[redacted]

Thanks,
Scott
Catalyst Group
www.ThinkCatalyst.co

Reply

Thank You

From Meredith Rutledge on May 25, 2021 :: 1:11 pm

Thank you for sharing this!  I have received multiple of these emails now and they are not sorting into junk, so it made me question whether it was spam or not for the first one, but this article verified what I thought.

Reply

Received on my website

From Rex McGregor on May 25, 2021 :: 3:09 pm

I received the following message on my website. I would be grateful if someone would check it out. Is it a scam?

“Submitted Information:

Name
Ashley Williams

Email
[redacted]

Comment
Hello there!

My name is Ashley.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by me personally.

Check out this report with the links to my images you utilized at www.rexmcgregor.com and my earlier publication to get the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/v93jvd250-232nv2s9/drv/files/0/share/download?l=[redacted]

In my opinion you’ve deliberately violated my legal rights under 17 USC Section 101 et seq. and can be liable for statutory damages of up to $130,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I demand the elimination of the infringing materials mentioned above. Take note as a company, the DMCA demands you, to remove and/or deactivate access to the infringing materials upon receipt of this particular notification letter. In case you do not cease the use of the aforementioned infringing content a lawsuit can be started against you.

I have a strong self-belief that utilization of the copyrighted materials described above as presumably infringing is not permitted by the copyright owner, its legal agent, or the laws.

I declare, under consequence of perjury, that the information in this letter is accurate and that I am currently the legal copyright proprietor or am permitted to act on behalf of the owner of an exclusive and legal right that is allegedly violated.

Best regards,
Ashley Williams

05/25/2021”
_____________
regards
Rex

Reply

Yes, clearly a scam

From Josh Kirschner on May 26, 2021 :: 10:14 am

That looks like the exact scam I covered in the article above.

Reply

My experience with the false copyright infringement claimer

From Jacob on May 25, 2021 :: 6:10 pm

I am an office administrator at a trampoline park and I received one of these this morning, although the link took me to an error page! I am not worried as we keep BitDefender on all of our company devices. The email is worded as follows:

  Hi!

My name is Annie.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Take a look at this official document with the hyperlinks to my images you utilized at (our website) and my previous publication to obtain the evidence of my copyrights.

Download it right now and check this out for yourself:

(the download link)

I do think you have willfully violated my rights under 17 USC Sec. 101 et seq. and could be liable for statutory damages of up to $120,000 as set forth in Sec. 504 (c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This message is official notice. I demand the elimination of the infringing materials mentioned above. Please take note as a service provider, the DMCA requires you, to eliminate or disable access to the infringing data upon receipt of this particular letter. In case you don’t cease the utilization of the previously mentioned infringing content a legal action can be started against you.

I have a strong self-belief that utilization of the copyrighted materials mentioned above as allegedly infringing is not permitted by the legal copyright proprietor, its legal agent, or the legislation.

I declare, under penalty of perjury, that the information in this notification is correct and that I am currently the legal copyright proprietor or am permitted to act on behalf of the owner of an exclusive right that is presumably violated.


Sincerely,
Annie Sawant

Reply

Make sure to keep your employees informed

From Josh Kirschner on May 26, 2021 :: 10:17 am

We know hackers frequently adjust their code to avoid antimalware providers, so having BitDefender is important, but it isn’t foolproof. The best defense is to educate all your employees who use company systems on the risk of downloading files or clicking links from unknown parties. A company’s security is only as strong as its weakest link.

Reply

recieved one (contact form)

From Alastair on May 26, 2021 :: 4:21 am

Recieved one myself overnight. File had gone by the time I looked at anything this morning, so should be fine, but posting to help boost for others.

——-

Sent via form submission

Name: Aaron Perry

Email Address: [redacted]

Subject: Digital Millennium Copyright Act (DMCA) Copyright Violation Notification email

Message: Hi there!

My name is Aaron.

Your website or a website that your organization hosts is infringing on a copyright protected images owned by me personally.

Check out this doc with the URLs to my images you utilized at [redact] and my earlier publications to get the proof of my copyrights.

Download it right now and check this out for yourself:

[link removed]

In my opinion you have deliberately violated my legal rights under 17 USC Section 101 et seq. and could be liable for statutory damage of up to $120,000 as set-forth in Sec. 504(c)(2) of the Digital millennium copyright act (DMCA) therein.

This letter is official notice. I seek the removal of the infringing materials referenced above. Take note as a company, the Digital Millennium Copyright Act requires you, to remove or/and disable access to the infringing materials upon receipt of this letter. If you don’t stop the utilization of the above mentioned infringing materials a lawsuit can be started against you.

I have a good belief that utilization of the copyrighted materials referenced above as allegedly infringing is not approved by the legal copyright proprietor, its agent, or the legislation.

I declare, under penalty of perjury, that the information in this message is correct and that I am currently the legal copyright proprietor or am permitted to act on behalf of the owner of an exclusive and legal right that is presumably infringed.


Regards,
Aaron Perry

05/26/2021

Reply

Got it too, clicked the link before realising and got a Google Error code 403

From Chris on May 26, 2021 :: 4:30 am

Hi,

I received my ´message´ over the guestbook function on my website.
Unfortunately I clicked the link before realizing that its address contained the word ´download´.
A google site turned up stating “Error 403. You don´t have permission to enter the site. No further information available”.
Does that mean, that Google saved me?

Chris

Reply

Yes, removed by Google

From Josh Kirschner on May 26, 2021 :: 10:20 am

From the links people are submitting, it looks like the malware is getting removed faster than before, so Google seems to be getting on top of this. If that continues to be the case, the hackers will likely simply switch to another file sharing service.

Reply

Just got hit too

From Jeff V on May 26, 2021 :: 6:22 am

Company Name:  Tamara
Date:  05/25/2021
Contact Name:  Tamara
Email:  [redacted]
Phone:  [redacted]
Address:  616 Yorkville Ave
    sauvi
City:  Staten Island
State / Region:  Nebraska
Zip / Postal Code:  45655
Preferred Contact:  Phone
Questions / Comments:  Hi!

My name is Tamara.

Your website or a website that your company hosts is infringing on a copyrighted images owned by me personally.

Take a look at this report with the URLs to my images you used at (redacted) and my earlier publication to get the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/q0vn4jg2d-3mnv41j/drive/d/shared/file/download?fileID=[redacted]

I think that you willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damage as high as $110,000 as set forth in Section 504 (c) (2) of the Digital millennium copyright act (DMCA) therein.

This letter is official notice. I demand the removal of the infringing materials referenced above. Please take note as a company, the DMCA requires you, to eliminate or/and terminate access to the infringing data upon receipt of this notice. In case you don’t stop the utilization of the above mentioned copyrighted materials a legal action will likely be initiated against you.

I do have a strong belief that use of the copyrighted materials described above as presumably violating is not permitted by the copyright owner, its agent, or the law.

I declare, under penalty of perjury, that the information in the letter is accurate and that I am currently the legal copyright owner or am authorized to act on behalf of the proprietor of an exclusive and legal right that is presumably violated.


Best regards,
Tamara Jones
Form from: https://www.(redacted).com/contact

Reply

I received one of these letters via the contact form on my website

From Kendra on May 26, 2021 :: 10:31 am

Here’s the text of the email I got, with the sender’s email address and the download link removed.

***

Name: Ashley Neal

Message: Hi!

My name is Ashley.

Your website or a website that your organization hosts is infringing on a copyright protected images owned by me personally.

Take a look at this doc with the URLs to my images you utilized at www.kendra-sarvadi.com and my previous publication to find the proof of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view[redacted]

I do think you have deliberately violated my rights under 17 U.S.C. Sec. 101 et seq. and could possibly be liable for statutory damages of up to $150,000 as set-forth in Sec. 504(c)(2) of the Digital millennium copyright act (DMCA) therein.

This letter is official notification. I seek the removal of the infringing materials mentioned above. Take note as a service provider, the Digital Millennium Copyright Act demands you, to remove and/or terminate access to the copyrighted content upon receipt of this particular notice. In case you do not cease the utilization of the above mentioned infringing materials a lawsuit will likely be commenced against you.

I have a good self-belief that use of the copyrighted materials referenced above as allegedly infringing is not authorized by the copyright proprietor, its legal agent, as well as legislation.

I swear, under penalty of perjury, that the information in this letter is accurate and that I am currently the copyright owner or am permitted to act on behalf of the owner of an exclusive and legal right that is presumably infringed.


Sincerely,
Ashley Neal

05/26/2021

Reply

We received two of these emails as well

From Briana on May 26, 2021 :: 1:42 pm

We received two of these emails as well through our church’s Squarespace contact form. I downloaded the zip folder, but didn’t click on the file when I noticed it was a Javascript file and deleted the folder immediately. Glad I Googled it to see we’re not the only ones with this problem!

Received one on 5/25 and the other on 5/26

—-

Name: Arlene Jackson

Email: J[redacted]827@yahoo.com

Subject: Re: [redacted] Digital Millennium Copyright Act (DMCA) Copyright Violation Notification

Message: Hi there!

My name is Arlene.

Your website or a website that your organization hosts is infringing on a copyright-protected images owned by myself.

Check out this official document with the URLs to my images you used at www.mosaicva.com and my previous publications to find the proof of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/v83hvdn20vdn-3989v3bv2/download/0/shared/d/file?d=[redacted]

I really believe you’ve willfully infringed my legal rights under 17 U.S.C. Sec. 101 et seq. and could be liable for statutory damage of up to $140,000 as set-forth in Sec. 504 (c) (2) of the Digital millennium copyright act (”DMCA”) therein.

This message is official notification. I demand the removal of the infringing materials mentioned above. Please take note as a service provider, the DMCA demands you, to eliminate or/and disable access to the infringing content upon receipt of this particular notice. In case you do not cease the use of the aforementioned copyrighted materials a law suit will likely be started against you.

I do have a strong belief that use of the copyrighted materials referenced above as presumably infringing is not approved by the copyright proprietor, its legal agent, as well as laws.

I swear, under penalty of perjury, that the information in this notification is correct and that I am the copyright proprietor or am certified to act on behalf of the owner of an exclusive right that is allegedly infringed.


Sincerely,
Arlene Jackson

—-

Name: Brian Alvarez

Email: A[redacted]409@gmail.com

Subject: [redacted] Digital Millennium Copyright Act (DMCA) Copyright Violation Notice

Message: Hi!

My name is Brian.

Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself.

Check out this report with the URLs to my images you used at www.mosaicva.com and my previous publication to get the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/f9hvn256vk3-kvb3jfh4tjvf/drv/files/0/share/download?ID=[redacted]

I think you have intentionally infringed my rights under 17 USC Sec. 101 et seq. and could possibly be liable for statutory damage as high as $120,000 as set forth in Sec. 504 (c) (2) of the Digital millennium copyright act (”DMCA”) therein.

This letter is official notification. I demand the elimination of the infringing materials described above. Take note as a company, the DMCA requires you, to remove and/or terminate access to the copyrighted materials upon receipt of this notice. In case you do not stop the utilization of the aforementioned infringing content a court action will be commenced against you.

I have a good belief that utilization of the copyrighted materials mentioned above as presumably violating is not authorized by the copyright proprietor, its legal agent, as well as law.

I declare, under penalty of perjury, that the information in this message is accurate and that I am the legal copyright owner or am certified to act on behalf of the proprietor of an exclusive right that is allegedly violated.


Sincerely,
Brian Alvarez

Reply

Received throuh Submision form

From Radame Hernandez on May 26, 2021 :: 3:13 pm

Hi there!

My name is Nikki.

Your website or a website that your company hosts is infringing on a copyright protected images owned by myself.

Check out this doc with the URLs to my images you utilized at snslp.org and my earlier publications to get the proof of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/f03ivbbg29fk-3vh5kvmm49/drv/files/0/share/download?h=[redacted]

I do believe that you intentionally violated my rights under 17 U.S.C. Section 101 et seq. and could possibly be liable for statutory damage as high as $120,000 as set forth in Section 504(c)(2) of the Digital millennium copyright act (”DMCA”) therein.

This message is official notification. I demand the elimination of the infringing materials mentioned above. Please take note as a service provider, the DMCA requires you, to remove and disable access to the copyrighted materials upon receipt of this particular notification letter. If you do not stop the use of the aforementioned copyrighted content a legal action can be commenced against you.

I do have a strong self-belief that use of the copyrighted materials described above as allegedly violating is not permitted by the copyright proprietor, its legal agent, as well as legislation.

I swear, under consequence of perjury, that the information in this letter is correct and that I am currently the copyright owner or am permitted to act on behalf of the proprietor of an exclusive and legal right that is presumably infringed.


Best regards,
Nikki Moore

05/26/2021

Reply

I got one

From Sergi Yavorski on May 27, 2021 :: 9:29 am

And even though I know I never stolen any images from anyone, I did download it to a secure computer just to see what kind of scam mechanics they use these day. Turned out it was a zipped JavaScript file…. It’s really simple. Never execute any .js files from an unknown source. Case solved.

Reply

Sample Scam Email

From Corey on May 27, 2021 :: 10:45 am

We received one recently as well, submitted through the “Contact Us” JotForm on our website.
Here it is:
————-
“Hi!

My name is Tiffany.

Your website or a website that your organization hosts is violating the copyrighted images owned by me personally.

Check out this official document with the links to my images you utilized at [redacted] and my earlier publications to find the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/[redacted]

I do think you’ve willfully infringed my rights under 17 USC Sec. 101 et seq. and could possibly be liable for statutory damage as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notice. I seek the elimination of the infringing materials described above. Please be aware as a company, the Dmca requires you, to remove or deactivate access to the infringing content upon receipt of this particular letter. In case you don’t stop the use of the above mentioned copyrighted content a law suit can be initiated against you.

I do have a good self-belief that utilization of the copyrighted materials referenced above as allegedly violating is not permitted by the legal copyright proprietor, its agent, or the legislation.

I declare, under consequence of perjury, that the information in this letter is accurate and that I am the copyright owner or am authorized to act on behalf of the proprietor of an exclusive right that is allegedly violated.


Sincerely,
Tiffany Johnson

05/27/2021”

Reply

Got the email

From Sandy on May 27, 2021 :: 12:27 pm

I got the email, clicked the link but it gave me an error message:

403. That’s an error.

We’re sorry, but you do not have access to this page. That’s all we know.

Is this okay? Should I be concerned?

Reply

Yes, that's a good thing

From Josh Kirschner on May 27, 2021 :: 1:33 pm

That error means the file has been blocked or removed. It is probably a sign that Google discovered it and is preventing access, so that’s a good thing.

Reply

Got the email

From Sandy on May 27, 2021 :: 2:46 pm

Hi Josh,
Does that mean my computer or gmail account has not been infected? Will the person have access over my drive even though I did not go through the process of downloading anything and I just clicked the link?

Reply

You're fine

From Josh Kirschner on May 27, 2021 :: 2:52 pm

Just clicking the link to the Google Site is fine as long as you didn’t download and launch the file (which you didn’t).

Fake Copyright Email

From Danielle on May 27, 2021 :: 12:52 pm

Thanks for posting this.  I had suspicions as I only have 2 images on my site that are not my own. This thread confirmed this is fake.

———————————

Hi there!

My name is Laura.

Your website or a website that your organization hosts is infringing on a copyright protected images owned by myself.

Take a look at this official document with the URLs to my images you utilized at (my site) and my previous publication to obtain the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/view/04885340038582098/d/download/0/shared/files?f=[redacted]
I do believe you have willfully violated my legal rights under 17 U.S.C. Section 101 et seq. and can be liable for statutory damage as high as $110,000 as set forth in Sec. 504 (c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

This letter is official notification. I seek the removal of the infringing materials referenced above. Take note as a service provider, the Dmca demands you, to remove and/or disable access to the infringing materials upon receipt of this particular letter. If you don’t cease the utilization of the above mentioned infringing content a law suit can be commenced against you.

I do have a good self-belief that use of the copyrighted materials described above as allegedly infringing is not approved by the legal copyright owner, its agent, as well as law.

I swear, under consequence of perjury, that the information in this message is accurate and that I am currently the legal copyright proprietor or am permitted to act on behalf of the proprietor of an exclusive and legal right that is allegedly violated.


Regards,
Laura Uppalapu

05/27/2021


Your Name: Laura
E-mail Address: [redacted]@gmail.com Student Name: Laura
School: naisooth

Reply

Knew it was sketchy

From K on May 27, 2021 :: 1:44 pm

Received from a contact request form on our website.

Name Monique Williams
Your email address [redacted]
Cell Phone [redacted]
Project Location [redacted]
Type a question   icen

Please tell us more about your Project or any pertinent information you are interested in:  Hello!

My name is Monique.

Your website or a website that your organization hosts is violating the copyright-protected images owned by myself.

Take a look at this doc with the hyperlinks to my images you utilized at prostructservices.com and my earlier publication to obtain the evidence of my copyrights.

Download it right now and check this out for yourself:

https://sites.google.com/[redacted]

I think you’ve intentionally violated my rights under 17 USC Section 101 et seq. and could possibly be liable for statutory damages as high as $120,000 as set-forth in Section 504(c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This letter is official notice. I demand the elimination of the infringing materials referenced above. Please take note as a service provider, the Dmca requires you, to remove and deactivate access to the infringing content upon receipt of this particular letter. If you don’t cease the utilization of the previously mentioned copyrighted content a court action will likely be started against you.

I do have a strong faith belief that use of the copyrighted materials referenced above as presumably violating is not authorized by the legal copyright owner, its legal agent, or the law.

I declare, under penalty of perjury, that the information in this letter is correct and that I am currently the legal copyright proprietor or am certified to act on behalf of the owner of an exclusive and legal right that is presumably violated.


Sincerely,
Monique Williams

05/27/2021

Reply

yet another

From Lisa Kaplan on May 27, 2021 :: 2:14 pm

I received one as well. Being both with achy head (allergies) and pre coffee which made me a bit daft today, and very conscientious I clicked. But i dont see anything in my downloads. Is there a file I should be searching for to trashor am I screwed.

On a MAC.

Hello!

My name is Karin.

Your website or a website that your organization hosts is violating the copyright-protected images owned by me personally.
Download it now and check this out for yourself:

https://sites.google.com/view/b8y3hvdk39d-3kbb2989cb/d/shared/0/download/file?f=[redacted]

Reply

Unzipped the file

From Will C on May 27, 2021 :: 3:17 pm

I downloaded the file because the google link looked legit.

Unzipped it and ran an Eset scan on it with no detection. I did not open the js file.

Googled the first paragraph of the notice and found this page. Computer still seems to be fine. I think the Eset scan was negative because I didn’t restart after updates in awhile.

I’m thinking I am probably fine? Running a full scan now.

Reply

Likely fine if you didn't open the file

From Josh Kirschner on May 27, 2021 :: 3:35 pm

The javascript file won’t run on its own. So if you are sure you didn’t click it to run you are probably fine. But definitely do that scan.

Reply

Norton

From Tim on May 27, 2021 :: 4:56 pm

How come Norton 360 is not part of the group of detectors?

Reply

The list is just cut off

From Josh Kirschner on May 27, 2021 :: 5:25 pm

The list of antimalware engines is quite long, so we just showed the top section with those that did detect it. Norton (Symantec) is on the list further down and you can see it if you click on the link in the article.

Reply

Norton

From Tim on May 27, 2021 :: 5:26 pm

Thanks

Reply

Received one today

From Peter on May 27, 2021 :: 5:27 pm

Really glad I looked it up and already cautious about downloading anything from an unknown individual. Thanks for sharing this.

 

CSS inlining error: DOMXPath::query(): Invalid expression in selector >> 100% << in /var/www/html/vendor/pelago/emogrifier/src/Emogrifier.php on line 494
Kartsly
Name   Tammi
Email   [redacted]@hotmail.com
Phone   [redacted]
Message

Hi! My name is Tammi. Your website or a website that your company hosts is infringing on a copyright-protected images owned by me personally. Check out this official document with the URLs to my images you utilized at kartsly.com and my earlier publication to obtain the evidence of my copyrights. Download it right now and check this out for yourself: https://sites.google.com/view/fdj93hfdhh3hf-ndh23bj4j8ds/d/shared/0/download/file?l= I do believe you have willfully infringed my legal rights under 17 U.S.C. Section 101 et seq. and can be liable for statutory damage of up to $150,000 as set forth in Sec. 504 (c) (2) of the Digital millennium copyright act (”DMCA”) therein. This letter is official notification. I demand the removal of the infringing materials described above. Take note as a company, the Dmca demands you, to eliminate and terminate access to the infringing materials upon receipt of this particular notice. In case you don’t stop the use of the above mentioned copyrighted content a lawsuit can be started against you. I have a strong faith belief that utilization of the copyrighted materials described above as presumably infringing is not permitted by the legal copyright owner, its agent, or the legislation. I declare, under consequence of perjury, that the information in this message is correct and that I am the copyright owner or am certified to act on behalf of the proprietor of an exclusive and legal right that is presumably violated. Regards, Tammi Tims 05/27/2021

Thank you, Kartsly!

Reply

spam mail

From Cindy on May 27, 2021 :: 8:33 pm

I received the same, via contact page:

Hi there!

My name is Tonya.

Your website or a website that your company hosts is violating the copyright-protected images owned by me personally.

Take a look at this report with the hyperlinks to my images you used at xxx and my earlier publication to find the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/view/...

I really believe that you intentionally infringed my rights under 17 USC Section 101 et seq. and could possibly be liable for statutory damage as high as $150,000 as set-forth in Section 504 (c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This message is official notification. I seek the removal of the infringing materials mentioned above. Take note as a service provider, the Dmca demands you, to eliminate and deactivate access to the copyrighted materials upon receipt of this particular letter. If you don’t stop the utilization of the previously mentioned infringing content a court action will be initiated against you.

I have a good faith belief that utilization of the copyrighted materials described above as presumably violating is not approved by the legal copyright owner, its agent, as well as legislation.

I declare, under penalty of perjury, that the information in this letter is accurate and that I am the legal copyright proprietor or am certified to act on behalf of the proprietor of an exclusive and legal right that is allegedly infringed.

Sincerely,
Tonya Baxter

05/27/2021

Reply

The same - via Contact form

From Anon on May 27, 2021 :: 10:32 pm

I’ve gotten two of these now through my contact form. One a couple weeks ago, and one today. They are the exact format of those above. The site they chose to target has only my own photos. There is only one that I have to check out, but I 100% get images from paid sources or free sites such as Pexels and use only those with full free use without attribution needed. I’m suspicious of links so didn’t click.

Interestingly, I have another person via contact form that is desperate to get me to email them. Most of the people who really have an interest in finding out about what I do call me. And the contact form says to call. It is so strange I have not responded to them. I don’t know if that has anything to do with the copyright form submittal but it was around the same time.

Mine is from Carrie. I googled Carrie and she has a FB page but no other web page I could find. The email matches the email given in the form. She appears to do wedding, relationship, kids and babies type photography. This is confusing, though. The contact seems clearly to be phishing or a link malware. And it matches the examples here exactly. But why would this person/email have a real trail? Do they go so far as to put up fake pages to appear legitimate? Do they spoof emails they find to make it appear legitimate?

Reply

The trail isn't real

From Josh Kirschner on May 28, 2021 :: 3:35 pm

I’m sure the scammers are either using a fake Facebook page or one that has been stolen to give the veneer of legitimacy. Email spoofing is another very real possibility. If you have questions/concerns about whether the complaint may be real, reach out by email and ask them to send you the specific details (via email, not via attachment) on which image they are claiming copyright for and where on your site they found it.

Reply

Another fake DMCA notice

From Garth Cummings on May 27, 2021 :: 11:24 pm

I received the same fake DMCA notice as the first one in your post via my site’s Contact Us form, which is supposed to be protected by a reCAPTCHA. The only difference is the purported sender was Danny Mason rather than Jessica Martin.

The fact that the “evidence” was hosted on a Google site made the notice more credible. But I was suspicious because my site is pretty modest and all images were either paid for or created by me.

The good news is that the “evidence” download page didn’t actually download anything in my case. It did throw a 404 error about the URL https://bigeront.top/jb39fj6kke/. Maybe because I’m using Safari?

I’ve reported this to Google as well.

Reply

Scam Copy write infringement -

From jeff on May 27, 2021 :: 11:26 pm

I got the message and was smart enough not to click on it. I did delete link. It came from this email address:
mailto:[redacted]@yahoo.com
Karina Gonzalez
[redacted]
IP Address: 71.167.45.36

Was submitted through our contact submission link on my site. Do we need to do anything to protect our site better?

Reply

This isn't a sign of weak site protection

From Josh Kirschner on May 28, 2021 :: 3:41 pm

There is nothing you need to do to protect your site better from these scams other than ensuring whoever gets them knows not to click on the links. You can try spam/IP address blocking, if you don’t already have that set up for your contact form (which you should), though I don’t think that will make a big difference.

Note that the IP address you listed has a long history of malicious activity: https://www.abuseipdb.com/check/71.167.45.36

Reply

Read More Comments: 1 2 3 4 5 6 7

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.