We recently got an email from one of our clients in regard to copyright infringement on a site by the use of illustrations. At Coffee Web Design, we only use stock photos or graphics that are royally free and we limit the places we use to get our stock images for our web designs. We take copyright infringement very seriously.

When we get an email like this, we have to do some research.

We did find this most recent article as a warning on a phishing alert that sends you to a Google doc share file and is also targeting WordPress sites at this moment.

DO NOT CLICK THE LINK

If you happen to click the link then it would be best practice to run a malware check in your browser and pc, or even phone if you tried to open it there.

Her is the information shared by INserCorp as a warning.

We have received several reports of a malicious website visitor filling out contact forms on iPlasmaCMS2 Websites from a person named “Mel” claiming your website is using their images and that you must “delete them NOW”.
Do NOT click on the link!
This is a classic phishing scheme – the malicious actor wants the unsuspecting victim who receives the email to click on the link which goes to a Google Drive hosted file that if clicked can create serious vulnerabilities in the victim’s device and/or network.

UPDATE – JUNE 29, 2020: It is confirmed that this script is also targeting Forms on WordPress websites as well. Thank you to the users who have contributed to this scam alert in our User Comments!
Ransomware Scheme Specifically Targeting iPlasmaCMS2 Website Administrators
The malicious actor is pretending to be a “Professional Photographer” or “Licensed Photographer” and going by the name “Mel” or “Melinda” with variations on the last name is using different fake email addresses and providing different fake phone numbers (generally with a ‘718’ area code).

Once the recipient clicks the link it will take them to a file download that will allow the hacker to seize control of the user’s device. The hacker will then be able to hold the user’s device hostage and demand a ransom or exploit access to the users’ system leading to further damage, compromised accounts, or injection of worms (viruses that infect the host machine and use it to launch attacks on others).

Take a look at two almost identical messages sent through two completely different Website Contact Forms powered by iPlasmaCMS2, Insercorp’s proprietary Web Content Management System:

—–Original Message—–
From: REDACTED <noreply@REDACTED>
Sent: Monday, June 15, 2020 4:05 AM
To: REDACTED <REDACTED>
Subject: REDACTED Location Contact Form

iPlasmaCMS Location Contact Form Message Generated on June 15, 2020
Name: Mel
Email Address: Melphotographer985@aol.com
Phone Number: 17185795917
Preferred Contact Method: Phone

Comments
Hello there!

This is Melinda and I am a licensed photographer.

I was discouraged, frankly speaking, when I came across my images at your website. If you use a copyrighted image without my approval, you must be aware that you could be sued by the copyrigh owner.

It’s illicitly to use stolen images and it’s so disgusting!

Take a look at this document with the links to my images you used at REDACTED and my earlier publications to obtain evidence of my copyrights.

Download it right now and check this out for yourself:

<REDACTED>

If you don’t remove the images mentioned in the document above within the next several days, I’ll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

The hacker is trying to scare unsuspecting victims into clicking a link (which we have removed to prevent our readers from accidentally clicking it). Now take a look at another report we received from a completely different client later in the same day:

—–Original Message—–
From: REDACTED <noreply@REDACTED>
Sent: Monday, June 15, 2020 10:45 PM
To: REDACTED <REDACTED>
Subject: General Contact Form Message from REDACTED

General Contact Form Message
Generated on June 15, 2020

First Name: Mel
Last Name: Pursley
Title: You have no any rights to use my images for REDACTED without my consent! It’s illegal! It violates my rights! You must delete them NOW!!!!!
Company: Me photographer
Email Address: Menikon972@aol.com
Phone Number: 17188033311
Preferred Contact Method: Phone

Comments
Hello,

This is Melynda and I am a professional photographer.

I was confused, frankly speaking, when I came across my images at your web-site. If you use a copyrighted image without my consent, you need to be aware that you could be sued by the copyright holder.

It’s against law to use stolen images and it’s so filthy!

Take a look at this document with the links to my images you used at REDACTED and my earlier publications to obtain evidence of my legal copyrights.

Download it right now and check this out for yourself:

<REDACTED>

If you don’t remove the images mentioned in the document above within the next few days, I’ll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn’t work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

 

Read the full article here 

Pin It on Pinterest