We received a call from a concerned client the other day because they had received an email through their website contact form that claimed that they were using copyrighted images on their website. The emailer claimed that they would sue our client if they didn’t remove the images, and the copyright proof could be accessed via a link. Once I assured the client that we only use images that we create, or that we pull from our stock photo subscription, he was relieved. However, this type of phishing scheme is happening more often. We thought it was a good time to remind our clients about the types of schemes that we frequently see, how they can avoid them, and the importance of website security.
Copyright Infringement Scheme
This is a common type of phishing scheme. After creating panic in the website owner about copyrighted images, and the emailer claiming they were going to sue and involve the website hosting company. The hacker will then demand that the user clicks a link to see evidence of their copyright. Once the user clicks the link, they can one of several things:
- Hold your device hostage and demand a ransom.
- Access your other accounts and compromise your financial information.
- They can upload viruses and worms onto your device.
As a preventative measure, Baseline Creative uses advanced captchas and honeypots to help deter, and track, users who are attempting to access websites. These tools also help limit the amount of spam on website contact forms.
A new version of this scheme has popped up on Instagram. Instagram users may receive a direct message or an email claiming that Instagram has found that they’ve used copyrighted images on their account. They cleverly add, “If you think we’ve made a mistake, please fill out the copyright objection form below,” which of course, will provide the hacker with access they need to take over your Instagram account.
You can avoid these types of phishing schemes by remaining vigilant and suspicious of emails that want you to click on a link, or download an attachment. Some signs that an email is a phishing scam are more obvious, such as, the email has poor grammar or misspelled words, or if the name shows up as someone you know, but the email address itself isn’t correct. However, scammers are becoming more sophisticated every day, so don’t drop your guard.
Domain Slamming Schemes
These types of schemes involve the claim that you must renew your domain. Usually they are marked “URGENT” and can come via email or regular mail. The scheme requires the business owner to fill out a form and pay for the domain renewal, which is quite often much more expensive than it should be.
Unfortunately, when the user completes this, they have unwittingly transferred their domain registration to someone with ill intent. These bad actors can then turn off your website, hold it hostage, or access the private information contained on your website.
If you’re unsure that your domain is about to expire, log into your domain host directly, and not from a link provided in an email. You should be able to log into your GoDaddy, BlueHost or another domain registration provider and see when your domain is set to expire. You can set up autorenewal so that you never have to worry about an expiration. If you are a Baseline Creative client, and we’ve set up your domain, we make sure that renewals occur each year so you don’t have to add that to your already full plate.
Avoiding Phishing Scams & Website Hacking
Baseline Creative is always vigilant when it comes to website security. We use tools to help us detect hacking attempts, as well as preventative firewalls and security measures to keep websites and data safe. If you receive an unsolicited email claiming copyright infringement or the need for a domain renewal, feel free to contact us. We can help you stay safe in the digital space and assist with website security needs.