Phishing scam email alert

SCAM ALERT: Beware of this Fake Email Claiming Copyright Image Infringement on Your Website

Published on April 14, 2021

Reports are coming in from all across the internet about a scammer who is sending malicious messages to website owners via the contact forms on their website. This phishing email scammer aggressively accuses the website owner of using copyrighted images, and encourages them to click a link that supposedly leads to a list of the images that are in violation. Do not click the link!
 
The writer named "Melanka” (who also goes by “Mellie” and "Mel” among others) claims she will file a complaint with the website owner’s hosting company and will sue them for the copyright infringement.

--------------------------------------------------


Here are the contents of the actual phishing email:


Hello there!

This is Melanka and I am a certified photographer.

I was discouraged, frankly speaking, when I recognised my images at your web-site. If you use a copyrighted image without an owner's approval, you should know that you could be sued by the creator.

It's illegitimate to use stolen images and it's so wicked!

Take a look at this document with the links to my images you used at [WEBSITE ADDRESS REMOVED] and my earlier publications to obtain the evidence of my legal copyrights.

Download it right now and check this out for yourself:
[MALICIOUS LINK REMOVED FROM POST FOR SAFETY]

If you don't delete the images mentioned in the file above during the next couple of days, I'll file a complaint to your hosting provider letting them know that my copyrights have been severely infringed and I am trying to protect my intellectual property.

And if it is not enough, for damn sure I am going to take it to court! And I won't give you a prior notice again.


--------------------------------------------------


About the scammer:

The scammer uses different aliases and claims to be from the following professions:
 
  • Professional Photographer
  • Licensed Photographer
  • Experienced photographer and illustrator
  • Qualified illustrator

The sender is going by names similar to "Mel" which include:
 
  • Mel
  • Melinda
  • Melina
  • Mellie
  • Melisha
  • Melaenis
  • Melissa
  • Melaida
  • Melitta
  • Melcia
  • Meladia
  • Melecia
  • Meleena
  • Melea
  • Melangelle
  • Melaina
  • Melanka
  • Melibella
  • Melnikon
  • Melane

We have found the scammer is using different fake email addresses, fake phone numbers, and multiple variations of a last name.


The goal of this phishing scam

While the end goal remains unclear, the contents of the phishing email attempts to create fear in hope the website owner will click the malicious link that leads them to a file download. This is common in most phishing emails. If the file download is clicked, the scammer can potentially seize control of the website owner’s computer and hold it for ransom. The scammer could also access and compromise personal accounts such as email or bank accounts, and inject viruses into the machine (if your device is not protected by sufficient antivirus software).


How you can spot a phishing email
There are several common practices that crooks use in their malicious emails. Here are a few that might help you more quickly identify shady business: 

 
  • Grammar and spelling. The incorrect spelling of a simple word such as "web-site" is a red flag.
  • View the true URL (but DO NOT click it). Phishing scams will attempt to hide the URL behind text. Hover over the URL to see the true destination of the link.
  • Unsolicited attachments. Never click or download an unsolicited email attachment.
  • Intimidation tactics. The dual threat of contacting the website owner’s hosting company while taking legal action, is meant to intimidate and trick the email recipient into clicking the malicious link.


Ways to protect yourself against phishing scams
Phishing scams might catch you or your client by surprise, and sometimes people click the malicious link before they even suspect anything is amiss. 

 
  • Use security software. Set the software to update automatically so it is ready to deal with new threats.
  • Set mobile phone software to update automatically. These updates often contain vital security protection against newly detected scams.
  • Use multi-factor authentication. The additional credentials will make it harder for scammers to access your private accounts if they do get your login credentials.
  • Backup your data. Copy the files to an external hard drive or use cloud storage to ensure backups aren’t stored on your home network.
  • Don't share any personal info. Many phishing scams will prompt you to share personal data including login credentials. Don't click on any links or download attachments from any suspicious email.
  • Slow down - read carefully. You probably have lots of emails in your inbox every day, and speeding through them might be a part of your productivity efforts. Taking even a few extra few seconds on emails could give you the time you need to assess their validity before click on their contents. 


Have you received a similar email through your website?

If you or your clients received this email or a similar message, rest assured that you can safely ignore it. The best thing to do is don't reply, don’t click on any links and delete the email.

While our platform has many safety measures and spam filters in place that keep many phishing emails out of your inbox, there is no way to block them 100%. Be smart and be careful. Use the tips mentioned in this article to help you identify a potential phishing email and share these tips with your clients. If you have any questions or concerns, please feel free to contact us.
 

We'd love to hear from you!

Please free to get in touch to let us  know what you think or if you would like to learn more.