Scammers Use The Public's Fear Of Copyright Culture To Trick People Into Installing Malware

from the look-what-you've-done dept

It isn't some novel revelation that scammers and malware purveyors have used the public's fear and lack of knowledge about copyright laws and processes to pull off their nefarious deeds. For more than a decade, bad actors have looked at the shady methods of copyright trolls and noticed that those tactics are perfectly suited to convince the public to download malware or fraudulently extract money from people's wallets. None of this is new or surprising. What should be surprising, however, is that absolutely nothing has been done about any of this. Never has a hard look been taken as to why copyright enforcement so resembles these illegal activities, nor has any serious consideration been given to what this culture of permission and fear has done to so well prepare the public to be susceptible to these scams.

As a result, these bad acts continue to the present. TorrentFreak has a post about how scammers are currently using fake notices sent to the public, made to look like copyright threats or warnings, all in an effort to get them to click links and download malware.

Just a few weeks ago, we reported how pirates are lured into downloading malware and trojans. However, people who want to avoid copyright troubles are facing similar risks. As it turns out, fake copyright warnings and takedown notices are commonly used by scammers as well.

These scammers cleverly use the threat that copyright infringement claims pose to recipients. Many website operators fear legal repercussions and are eager to resolve these matters swiftly. Social media users, who risk losing their accounts, are equally concerned.

This happens in a variety of ways. Those hosting or running websites get notices that their sites will be taken down if they don't click the links and respond to a general accusation of copyright infringement. But the scammers are also going after random social media accounts as well, with the same push via threats of account termination to click links. Those links are typically used to steal account credentials, just like a typical phishing email scam. Some, however, actually deploy a payload of malware instead.

Careful readers will notice that there are several mistakes in the notice. However, in their panic, some people may simply read over these errors. Instead, they will click on the Google link where they can download a “Copyright Infringement Evidence” package.

Needless to say, downloading and running these files will infect people’s computers with all kinds of nastiness. Google takes these links down when they are reported and we couldn’t find a live one. However, Techlicious linked one package to a Ransomware trojan.

Why does this work so well? Well, as I mentioned above, it starts to get really tough to tell apart the notices coming from copyright trolls and the scammers. While the end goal is somewhat different, the overall tactic is the same: use threatening language about copyright infringement to scare the shit out of the target in order to get them to hastily do what you want. In the case of copyright trolls, that means so-called "settlement" payments. For the other scammers, this can also mean handing over money, or clicking a link to steal credentials or deliver malware.

It used to be said that only pirates had to worry about copyright culture creating security risks for those infringing copyright. Now, thanks to the expansion of that copyright culture, unsuspecting and innocent members of the public are at risk as well.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: copyright, malware, phishing

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    That One Guy (profile), 19 May 2021 @ 1:55pm

    Re: Techdirt gets these every few days...

    We know enough to ignore them, but seeing how many we get, I do wonder if they're effective for the scammers.

    i imagine they operate under the same model as copyright extortionists in that the cost of sending out the threats are minimal and if even one person in a hundred/thousand falls for it and pays out the costs have more than been recouped.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.