Phishing Scam: Contact Form Submissions
TLDR - 1) Don't click on ANY links you get from contact form submissions, and 2) keep track of where you get the pictures you use on your website.
There is a new phishing scam online that targets contact forms.
We've noticed a phishing scam making the rounds on our clients' contact forms. It's unusual because of the topic in it, and it's also unusual because it's being submitted by real people (thus getting by the bot-spam safeguards.)
Photo by Lindsey LaMont on Unsplash
Posing as illustrators and stock photo photographers, they fill out the contact form with the below format (names & phrasing may vary):
_______
Hi,
This is Melaina and I am a professional illustrator.
I was surprised, putting it lightly, when I came across my images at your web-site. If you use a copyrighted image without an owner's consent, you should be aware that you could be sued by the owner.
It's illegitimate to use stolen images and it's so low!
Here is this document with the links to my images you used at [your URL] and my earlier publications to get the evidence of my ownership.
Download it now and check this out for yourself: [PHISHING LINK]
If you don't get rid of the images mentioned in the document above during the next several days, I'll file a complaint on you to your hosting provider stating that my copyrights have been severely infringed and I am trying to protect my intellectual property.
And if it doesn't work, trust me I am going to report and sue you! And I will not bother myself to let you know of it in advance.
_____
It is important to note that just opening the e-mail you got from the contact form will not download a virus or place you on any lists. BUT...
Clicking the phishing link IN the email is the trigger --- so DON"T click the link!
What should you do?
- Delete the e-mail
- Ask yourself, are you concerned maybe you HAVE use someone's image without permission? Although the form submission is a scam, you can still take this as an opportunity to make sure your images are properly licensed.
The phishing scam plays on the fears of a legit concern - properly licensed images.
Make sure you know where you got the images on your website, and that you have proper licensing for them. If you don't already have a process for tracking legal image usage, start one.
At Technogizmo, when we purchase photos, we do so from an exclusive list of stock photo companies. When we use a free image (like the one above from Unsplash), we include attribution info. Between the two processes, we know where every image comes from, and what the licensing is.