Beware copyright infringement warnings bearing malware

Be on the lookout for fake copyright warnings that may arrive via a contact form web page -- they usually point to an apparent Google site that can trick you into installing ransomware.

A incident similar to the ones described in the article Fake Copyright Infringement Warnings Used to Spread Ransomware has been reported at Brown (see below for full message). It is a good reminder to be vigilant for clues of a scam (in this one, a threatening message demanding urgent action with stilted language such as "strong faith belief").

Doing a search on "I have a strong faith belief that utilization of the copyrighted materials" resulted in several hits, including the "Fake Copyright" story. Checking the URL at Virus Total (https://www.virustotal.com/gui/) confirmed our suspicions when it showed that it had been flagged as malware by a security vendor. 

Remember: If it smells phishy, it probably is -- but if unsure, forward it to us at the Phish Bowl.


Sent via form submission from The Carberry Lab

Name: Claudia White

Email Address: Whitestock831@hotmail.com

Subject: ! www.thecarberrylab.org Dmca Copyright Infringement Notice

Message: Hi there!

My name is Claudia.

Your website or a website that your organization hosts is violating the copyrighted images owned by myself.

Check out this document with the URLs to my images you utilized at www.themoorelab.org and my previous publication to find the evidence of my copyrights.

Download it now and check this out for yourself:

https://sites.google.com/ [REDACTED]

I think you've willfully infringed my legal rights under 17 USC Section 101 et seq. and can be liable for statutory damage of up to $130,000 as set-forth in Section 504(c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This message is official notification. I demand the removal of the infringing materials described above. Please be aware as a company, the Digital Millennium Copyright Act demands you, to eliminate and deactivate access to the infringing materials upon receipt of this particular letter. If you do not stop the utilization of the above mentioned infringing materials a law suit will likely be started against you.

I have a strong faith belief that utilization of the copyrighted materials referenced above as allegedly infringing is not permitted by the copyright owner, its legal agent, or the law.

I swear, under consequence of perjury, that the information in this letter is accurate and that I am currently the copyright proprietor or am permitted to act on behalf of the proprietor of an exclusive right that is presumably infringed.

Regards,
Claudia White

06/03/2021


From: <no-reply@uplandsoftware.com>
Date: Wed, Oct 13, 2021 at 5:05 PM
Subject: SUBMITTAL: Letter to the Editor
To: [ ADDRESS REDACTED ]

First Name: Damion
Last Name: Baztami
Home Phone Number: 7184061104
Daytime Phone Number: 7184061104
Email Address: DamionBaztami@trello.com
Street Address: 160 S.W. 9th St.
Street Address2: 160 S.W. 9th St.
City: New York
Province: NY
Country: USA
Postal Code: 78078
Submitted Letter:

Hello,

Your website or a website that your company hosts is violating the copyright protected images owned by our company (trello Inc.).

Take a look at this doc with the links to our images you utilized at www.brandonsun.com and our previous publication to get the evidence of our copyrights.

Download it now and check this out for yourself:

[ URL REDACTED ]

I do believe that you deliberately infringed our legal rights under 17 U.S.C. Sec. 101 et seq. and could possibly be liable for statutory damages of up to $110,000 as set forth in Sec. 504(c)(2) of the Digital Millennium Copyright Act (DMCA) therein.

This letter is official notification. I demand the removal of the infringing materials described above. Please be aware as a company, the Digital Millennium Copyright Act requires you to eliminate or deactivate access to the infringing content upon receipt of this letter. In case you do not cease the use of the aforementioned copyrighted content a legal action will likely be started against you.

I have a strong self-belief that utilization of the copyrighted materials described above as allegedly infringing is not authorized by the legal copyright proprietor, its legal agent, as well as legislation.

I declare, under penalty of perjury, that the information in this message is accurate and hereby affirm that I am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

Sincerely yours,
Damion Baztami
Legal Officer
trello, Inc.

trello.com

10/14/2021

Phishing
Phishing Email (on campus)

Written by pfalcon@brown.edu on