Request a Quote

Thank you for reaching out to us! Please fill out and submit the form below and we will get back to you as soon as we are able to. Existing clients may Contact Us online or submit a Support Request.

Your Contact Information

What Services are you interested in?

Project Schedule

Additional Information

Phishing Advisory: Beware of Fake Email from "A Professional Photographer" claiming Copyright Infringement
Jun 16,
2020
Phishing Advisory: Beware of Fake Email from
We have received several reports of a malicious website visitor filling out contact forms on iPlasmaCMS2 Websites from a person named "Mel" claiming your website is using their images and that you must "delete them NOW".

Do NOT click on the link!

This is a classic phishing scheme - the malicious actor wants the unsuspecting victim who receives the email to click on the link which goes to a Google Drive hosted file that if clicked can create serious vulnerabilities in the victim's device and/or network.

UPDATES:

July 13, 2021 - EDITOR'S NOTE - The bot appears to have switched from ng using Google Drive links to Firebase links. Please report the links to Google using this form. Copy and paste (without clicking) the malicious URL and indicate in your report that it was from an email received from your Website's contact form.  Maybe with enough reports we can get Google to start sniffing these exploits out before they keep spreading more malware!

JUNE 29, 2020:  It is confirmed that this script is also targeting Forms on WordPress websites as well.  Thank you to the users who have contributed to this scam alert in our User Comments!

Ransomware Scheme Specifically Targeting iPlasmaCMS2 Website Administrators

The malicious actor is pretending to be a "Professional Photographer" or "Licensed Photographer" and going by the name "Mel" or "Melinda" with variations on the last name is using different fake email addresses and providing different fake phone numbers (generally with a '718' area code).

Once the recipient clicks the link it will take them to a file download that will allow the hacker to seize control of the user's device.  The hacker will then be able to hold the user's device hostage and demand a ransom or exploit access to the users' system leading to further damage, compromised accounts, or injection of worms (viruses that infect the host machine and use it to launch attacks on others).

Take a look at two almost identical messages sent through two completely different Website Contact Forms powered by iPlasmaCMS2, Insercorp's proprietary Web Content Management System:

-----Original Message-----
From: REDACTED <noreply@REDACTED>
Sent: Monday, June 15, 2020 4:05 AM
To: REDACTED <REDACTED>
Subject: REDACTED Location Contact Form

iPlasmaCMS Location Contact Form Message Generated on June 15, 2020
Name: Mel
Email Address: Melphotographer985@aol.com
Phone Number: 17185795917
Preferred Contact Method: Phone

Comments
Hello there!

This is Melinda and I am a licensed photographer.

I was discouraged, frankly speaking, when I came across my images at your website. If you use a copyrighted image without my approval, you must be aware that you could be sued by the copyrigh owner.

It's illicitly to use stolen images and it's so disgusting!

Take a look at this document with the links to my images you used at REDACTED and my earlier publications to obtain evidence of my copyrights.

Download it right now and check this out for yourself:

<REDACTED>

If you don't remove the images mentioned in the document above within the next several days, I'll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn't work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

The hacker is trying to scare unsuspecting victims into clicking a link (which we have removed to prevent our readers from accidentally clicking it).  Now take a look at another report we received from a completely different client later in the same day:

-----Original Message-----
From: REDACTED <noreply@REDACTED>
Sent: Monday, June 15, 2020 10:45 PM
To: REDACTED <REDACTED>
Subject: General Contact Form Message from REDACTED

General Contact Form Message
Generated on June 15, 2020

First Name: Mel
Last Name: Pursley
Title: You have no any rights to use my images for REDACTED without my consent! It's illegal! It violates my rights! You must delete them NOW!!!!!
Company: Me photographer
Email Address: Menikon972@aol.com
Phone Number: 17188033311
Preferred Contact Method: Phone

Comments
Hello,

This is Melynda and I am a professional photographer.

I was confused, frankly speaking, when I came across my images at your web-site. If you use a copyrighted image without my consent, you need to be aware that you could be sued by the copyright holder.

It's against law to use stolen images and it's so filthy!

Take a look at this document with the links to my images you used at REDACTED and my earlier publications to obtain evidence of my legal copyrights.

Download it right now and check this out for yourself:

<REDACTED>

If you don't remove the images mentioned in the document above within the next few days, I'll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.

And if it doesn't work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.

Notice how the text of the messages are almost identical in every instance, with specific words substituted to prevent spam detection, such as replacing "licensed" with "professional", "against the law" with "illicitly", "disgusting" with "filthy".

After receiving multiple reports in the last 24 hours from iPlasmaCMS2 Users we wanted to share this information to alert our Clients and raise awareness about this latest phishing scheme.

Safe browsing!

 

Tim Bradshaw
Founder & CEO
Tim Bradshaw is the Founder and CEO of Insercorp LTD.
User Comments
Added By Luke on November 22, 2021

I got one on my work email, a college based email at that, from "Emiliano Padovesi." This person is an actual person (from what I can tell) so the scammers are making a step up and picking people who have Facebook or other social media accounts. Be careful if you use public social media, and if possible, set them to private so that it will be harder for these people to steal your info to use in their scams. 

Added By jaymesilvestri on November 15, 2021

Wow! Lots of great information. Unfortunately, I’m really not that tech savvy. I started a blog on blogspot (address is above). I’ve tried to promote it and even started a facebook page. But, I’m going nowhere. My husband and I are on a fixed income, so paying others is something that really can’t be done. I want to be able to connect with other bloggers. I’ve been adding their blinkies, so maybe that would help? Anyway, thank you for the information.                                 

Added By Barbara McKenzie on September 20, 2021

I have receiv emails from differed named people that I have violated the copyright images owned by them. How do I stop receiving these emails?

 Thanks 

Added By Barbara McKenzie on September 20, 2021

I have receiv emails from differed named people that I have violated the copyright images owned by them. How do I stop receiving these emails?

 Thanks 

Added By Julie on August 12, 2021

I get soooo many of these....very tiring. Thank you!

Added By Joe on August 10, 2021

I just received this scam email:

Please read it below: 

 

My name is Hannah.

Your website or a website that your company hosts is infringing on a copyright protected images owned by myself.

Take a look at this report with the URLs to my images you utilized at preciousstonesusa.com and my earlier publications to get the evidence of my copyrights.

Download it now and check this out for yourself:

<REDACTED>

I believe that you intentionally infringed my legal rights under 17 USC Sec. 101 et seq. and could be liable for statutory damage of up to $110,000 as set forth in Sec. 504 (c) (2) of the Digital millennium copyright act (DMCA) therein.

This message is official notification. I seek the elimination of the infringing materials referenced above. Please be aware as a company, the Digital Millennium Copyright Act requires you, to remove or disable access to the copyrighted materials upon receipt of this letter. If you do not stop the utilization of the aforementioned infringing content a legal action will be commenced against you.

I do have a good self-belief that use of the copyrighted materials mentioned above as presumably violating is not approved by the copyright proprietor, its agent, or the laws.

I swear, under penalty of perjury, that the information in this notification is correct and that I am currently the copyright proprietor or am certified to act on behalf of the owner of an exclusive right that is allegedly infringed.

Sincerely,
Hannah Marie

08/09/2021

Name: Hannah
Email: Mariepix716@gmail.com
Phone: [your-phone]
City: [your-city]
Zip Code:[your-zip-code]

Added By pepper on July 30, 2021

It was my first time recieving this kind of mail from someone named Linda Turner. I was so scared but at the same time confused coz I really don't remember infringing documents or whatever. Dang!!!!! even click the url. dang!!!! I feel better when I read this article though but these people huh! tried replying it but says mail wasn't send coz address isn't found!

 

Grrrrrrrrr...... LINDA TURNER!!!!! BOOOOOOOOOOOOOO! 

Added By Ian Dalton on July 14, 2021

We've just had the same using a firebase link from someone called Jennifer West. Exactly the same as the example posted by Beth.  Didn't click - did report it!

Added By Beth on July 13, 2021

EDITOR'S NOTE - The bot appears to have switched from ng using Google Drive links to Firebase links. Please report the links to Google using this form. Copy and paste (without clicking) the malicious URL and indicate in your report that it was from an email received from your Website's contact form.  Maybe with enough reports we can get Google to start sniffing these exploits out before they keep spreading more malware!

Mine was Francis! hahahaa

 

My name is Francis.

Your website or a website that your company hosts is violating the copyright
protected images owned by myself.

Take a look at this report with the hyperlinks to my images you used at
xxxxxxxxxxxx and my previous publications to get the
proof of my copyrights.

Download it right now and check this out for yourself:

https://firebasestorage.googleapis.com/v0/b/storage-729af.appspot.com/o/files<REDACTED>

I do believe that you intentionally violated my legal rights under 17 U.S.C.
Section 101 et seq. and could possibly be liable for statutory damages of up to
$110,000 as set-forth in Section 504 (c) (2) of the Digital millennium copyright
act (DMCA) therein.

This letter is official notice. I seek the removal of the infringing materials
mentioned above. Take note as a company, the DMCA demands you, to remove or/and
deactivate access to the copyrighted materials upon receipt of this letter. If
you do not cease the utilization of the previously mentioned infringing content a
legal action will likely be commenced against you.

I have a good self-belief that utilization of the copyrighted materials described
above as allegedly infringing is not permitted by the legal copyright owner, its
agent, or the legislation.

I swear, under penalty of perjury, that the information in this message is
accurate and that I am the legal copyright owner or am permitted to act on behalf
of the owner of an exclusive and legal right that is allegedly violated.

Best regards,
Francis Delgado

07/12/2021

Added By Helen on June 29, 2021

Hello,

 

I received this message in my inbox today - name Candy Sanchez was the person saying I have violated their image copyright. I clicked on the link. How can I determine if my computer has been compromised ?

Google Icon
Youtube Icon
Linkedin Icon
Pinterest Icon
Instagram Icon
Contact Icon