Introduction: A New Malware Phishing Scam
Yep – it could have happened to us. Anvaya Solutions was just subject to a new phishing scam that looks extremely legitimate. Fortunately, we’re trained to recognize scams like this one, however convincing they look.
Let us set the scene: Amidst our daily operations, we received an email that, at first glance, seemed like a standard legal notification. The message claimed copyright infringement over images supposedly used on our website, accompanied by threats of heavy fines and legal action. Here’s how we identified the scam and what you can do to avoid falling into similar traps.
What is a Copyright Infringement Scam?
A copyright infringement scam involves a supposed legal authority or law firm accusing you of illegally using copyrighted images. These scammers demand payment or threaten legal action, typically including a link or attachment they claim contains evidence of the infringement or a way to settle the case. Unfortunately, these links can often lead to malware infections or serve to confirm active email accounts for further scams.
Deep Dive into a Real Example:
The email we received was from a “legal officer” at a seemingly reputable law firm in California. A Google search showed that the law firm was easily identifiable, with reputable reviews. And no, the email we received didn’t have the typical “xysfkdkwcskf@hotmail.com” giveaway. Instead, the sender used a legitimate-looking name and a domain (the part after the “@” symbol) that matched the actual law firm’s name. The email included a suspicious link that, upon inspection, contained elements suggesting a connection to Brazil, a detail inconsistent with the firm’s California address. This, along with the urgency of the message, signaled a phishing attempt.
Technical Analysis of the Scam Tactics:
The URL provided was convoluted, containing multiple redirects and parameters that are typical of phishing links designed to deploy malware. When hovered over, the link hinted at a download of some sort, a classic red flag for malware distribution. The domain’s strange suffix was another giveaway, contrasting sharply with the professional tone of the email.
Legal vs. Scam:
Legitimate legal communications will rarely, if ever, demand immediate financial compensation via email, nor will they ask you to download evidence from a random link. Genuine legal claims will be backed by verifiable documents and direct contact through official channels, not through unsolicited emails.
This scam is hoping to trigger an emotional response from the receiver. “What? How can I possibly be infringing upon a company? I created all of my material!” Then, you click on the link in a panic. Unfortunately, if you click the link, it’s often too late.
Protective Measures:
- Verify the sender’s credentials independently, especially before responding to any legal threats.
- Educate your team about the signs of phishing and malware schemes.
- Use trusted, legally obtained images and content to reduce the risk of infringement claims.
- Maintain robust security software to protect against malware.
HELP! I Clicked the Link in a Panic – Now What?!
Uh oh! Tapped on the link? Not to worry—follow these steps:
If you or any of your team members clicked a link in a phishing email, do the following right away to limit any possible damage:
● Disconnect the device from the internet immediately:
○ This may prevent any malware that was transferred to the device from spreading to other devices on the network.
● Run a Full System Scan:
○ Perform a full system scan using your antivirus software. Update the antivirus definitions before you scan, so that any new threat can be detected and, most importantly, removed.
● Change Passwords:
○ If the link could have compromised any of your accounts in any way, change the passwords for those accounts immediately from a different, secure device. Assign a strong, unique password to every account, and keep two-factor authentication turned on for added security.
● Monitor for Anomalies:
○ Keep a close watch on those accounts. If you come across anything anomalous or suspicious, report it on the spot. This includes unfamiliar financial transactions and an outsider’s access to any of your digital accounts.
● Let your in-house IT department or an outsourced cybersecurity professional know about the issue:
○ If you work for an organization, inform Anvaya Solutions about the issue, and we will create a comprehensive action plan for you going forward. Further precautions will be taken to safeguard your network and prevent similar incidents.
● Educate Your Team:
○ Use this as an example to inform your team about the threats from phishing attacks, and the importance of practicing safe online activity.
FAQ Section:
● How could I check if the claim of copyright infringement is valid or not?
○ Always verify the claimant independently: visit the claimant’s official website, make contact through proper official channels, and consult with your legal advisor.
● What do I do if I suspect a scam copyright notice?
○ Do not click any link or download any attachment in the email. When in doubt, label it as a phishing email and discuss it with Anvaya Solutions.
● How do you know when such a claim is possibly a phishing campaign?
○ Major red flags are urgent requests for money, links to download ‘evidence,’ and inconsistencies in the email’s domain or the sender’s details.
● What am I supposed to do after clicking on a suspicious link?
○ Disconnect your device, run a full antivirus scan, change your passwords, and alert your IT department.
● How do I know whether my device has been infected after I have clicked on the link?
○ Look out for the following signals: slow system performance, lots of unexpected ads and pop-ups, and unusual activity at the account level.
● What steps can I take myself to further secure my system after a phishing attack?
○ Keep software up to date, back up your data, and educate yourself on cybersecurity best practices.
● Is there any way to verify that links are valid before clicking on them?
○ Yes. Hovering over a link shows the URL it will direct you to. Be very cautious with a link that looks odd or is unrelated to the domain the email was supposedly sent from.
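The link checks described under “Technical Analysis of the Scam Tactics” and in the last FAQ answer can be written out as a small Python triage function. This is an added example, not code from Anvaya Solutions; the sender address, the link, the extension list and the short suffix table are constructed for illustration, and nothing is fetched from the network.

```python
from urllib.parse import parse_qsl, urlsplit

# Extensions that mean a click starts a download (illustrative list, an assumption).
DOWNLOAD_EXTS = (".zip", ".rar", ".7z", ".iso", ".img", ".exe", ".msi", ".js", ".lnk")
# Two-label public suffixes needed here; real tooling would use the Public Suffix List.
TWO_LABEL_SUFFIXES = {"com.br", "co.uk", "com.au"}


def registrable_domain(host):
    """Return (registrable domain, public suffix) for a host name."""
    labels = host.lower().rstrip(".").split(".")
    last_two = ".".join(labels[-2:])
    suffix = last_two if last_two in TWO_LABEL_SUFFIXES else labels[-1]
    return ".".join(labels[-(suffix.count(".") + 2):]), suffix


def triage_link(sender, url, max_depth=3):
    """Return red-flag strings for a link found in an email from `sender`."""
    flags = []
    sender_domain, sender_suffix = registrable_domain(sender.rsplit("@", 1)[-1])
    depth = 0
    while url and depth <= max_depth:
        parts = urlsplit(url)
        domain, suffix = registrable_domain(parts.hostname or "")
        where = "link" if depth == 0 else f"redirect target {depth}"
        if domain != sender_domain:
            flags.append(f"{where}: {domain} is not the sender domain {sender_domain}")
        if suffix != sender_suffix:
            flags.append(f"{where}: suffix .{suffix} differs from sender's .{sender_suffix}")
        if parts.path.lower().endswith(DOWNLOAD_EXTS):
            flags.append(f"{where}: path points to a download ({parts.path.rsplit('/', 1)[-1]})")
        params = parse_qsl(parts.query)
        if len(params) >= 3:
            flags.append(f"{where}: {len(params)} query parameters")
        # A full URL carried in a parameter is a redirect; inspect it too, without fetching it.
        url = next((v for _, v in params if v.lower().startswith(("http://", "https://"))), None)
        depth += 1
    return flags


# Constructed sample: placeholder domains, not the addresses from the real email.
SENDER = "legal.officer@example.com"
LINK = ("https://notice.example.com.br/go?ref=8841&lang=en&"
        "next=https%3A%2F%2Fcdn.example.net%2Ffiles%2FEvidence.zip")

if __name__ == "__main__":
    for flag in triage_link(SENDER, LINK):
        print("-", flag)
```

An empty result only means none of these particular checks fired; it does not prove the link is safe.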
Conclusion
Even the best cybersecurity expert can fall for a sophisticated phishing scam. Always think twice, and never take a legal threat or payment request at face value. If in doubt, verify; don’t trust. Please educate yourself and your team on these tactics to protect your operations and potentially save yourself from major financial and reputational loss.