WARNING : DO NOT CLICK ON ANY UNSOLICITED EMAIL LINKS!
We have recently noticed that several of our clients are received emails claiming that one or more of their images violated copyright. We’ve been building websites and working with photography and graphics for over 25 years. We take copyright very seriously and highly recommend everyone else does the same.
However, what we have discovered could have actually been much worse – first of all, there was no copyright issue, it was all a ruse to trick us into installing a ransomware trojan. DO NOT FALL FOR THIS.
It’s not just our customers, this is a growing trend on the internet. Several WordPress, Wix, Square site owners and other tech companies clients are all reporting these attacks recently. These emails are being sent directly to the domain owner or through their contact form. Some of them actually come from legitimate companies that do represent certain clients, but they are still PHISHING and do not have legal standing.
Here are a couple of recent examples:
These appear to be the same message with some selected words changed out, but it has switched from using Google Drive links to Firebase links, possibly because of aware owners reporting this ‘fishy’ notice.
It looks scary and will possibly get site owners to click on the link to see exactly what they are talking about. When you do, you will be directed to a page with a link to a zip file with your “copyright infringement evidence.”
OUR WARNING : DO NOT CLICK ON THIS!
One company, Techlicious, dug further into this file and found that many malware programs don’t even catch it.
In the version of the scam we received, the download is a .zip file containing a javascript (.js) file called “Copyright Infringement Evidence.js”. I ran the file through Virus Total and it came back as a backdoor trojan – identified as js.Trojan.Cryxos.5779 and JS/Kryptik.BXN – that can be used to install ransomware and other malicious programs. Only 8 of the 61 malware scanning engines in Virus Total picked this up (BitDefender, Emsisoft, eScan, ESET-NOD32, FireEye, GData, MAX, NANO-Antivirus), meaning it currently has a high chance of slipping through most antimalware protection.
Josh Kirschner, Techilicious, May 12, 2021
It’s important remember to be especially cautious when downloading any files from unknown third-parties or sites, and never try to open any file with an extension of .js or .exe unless you know exactly what it is and where it came from. You can report the malware page to Google’s malware reporting tool.
Our recommendation is that you ignore any of these unsolicited emails. You can contact your attorney for any questions and if it makes you more comfortable, and we can go through your site for you to verify that you do not have any copyright issues. WE DO NOT USE COPYRIGHTED PHOTOS.
Our Photo sources include, but are not limited to; Customer Photos, Our Own Photos, PxHere.com, Pixabay.com, Pexels.com, and Unsplash.com.
WE DO NOT USE COPYRIGHTED PHOTOS and recommend you do the same. However, DO NOT PANIC if you get a SCAMMER pretending to own rights to something they do not.
Contact support@halemultimedia.com if you have any questions.
The other day, while I was at work, my sister stole my apple ipad and tested to see if it can survive a 25 foot drop, just so she can be a youtube sensation. My iPad is now broken and she has 83 views. I know this is entirely off topic but I had to share it with someone!
That is hilariously painful lesson. Thank you so much for sharing!