We have received several reports of a malicious website visitor filling out contact forms on iPlasmaCMS2 Websites from a person named "Mel" claiming your website is using their images and that you must "delete them NOW".
Do NOT click on the link!
This is a classic phishing scheme - the malicious actor wants the unsuspecting victim who receives the email to click on the link which goes to a Google Drive hosted file that if clicked can create serious vulnerabilities in the victim's device and/or network.
July 13, 2021 - EDITOR'S NOTE - The bot appears to have switched from ng using Google Drive links to Firebase links. Please report the links to Google using this form. Copy and paste (without clicking) the malicious URL and indicate in your report that it was from an email received from your Website's contact form. Maybe with enough reports we can get Google to start sniffing these exploits out before they keep spreading more malware!
JUNE 29, 2020: It is confirmed that this script is also targeting Forms on WordPress websites as well. Thank you to the users who have contributed to this scam alert in our User Comments!