HOME
NEWS

Copyright scammers turn to phone numbers instead of web links


By VARINDIA - 2021-09-05
Copyright scammers turn to phone numbers instead of web links

Copyright scams aren’t new - These scammers often target your Facebook or Instagram account, fraudulently claiming that someone has registered a complaint about content that you’ve posted, such as a photo, and telling you that you need to resolve the issue in order to avoid getting locked out of your account.

 

The problem with copyright infringement notices is that if they’re genuine, they can’t just be ignored, because social media sites are obliged to try to resolve meaningful copyright complaints when they’re received.

 

To discourage bogus complaints and reduce harrassment – and if you are a content producer or influencer yourself, with an active blog, video or social media account, you will probably have had many well-meaning but ill-informed complaints in your time – sites such as Facebook, Instagram, Twitter and the like don’t put the complainant directly in touch with you.

 

The process usually goes something like this:

 

The complainant makes their claim to the service provider concerned. The service provider expects them to give full contact details, in order to discourage anonymous harasssment.

 

If the claim seems to hold water, the service alerts you, without giving your details to the complainant, and invites you to defend or to accept the complaint. (Obviously bogus claims, such as complaints about an images or video content in an article that is all text, shouldn’t go any further.)

 

If the claim is incorrect, you can repudiate it, for example by stating that you took a photo yourself or by showing a licence you acquired for a music clip.

 

If you don’t wish to contest the claim, you are usually expected to remove the allegedly infringing material promptly, and report that you have done so.

 

In either case, assuming that the service provider considers the case resolved, it’s then closed without the complainant getting to contact you directly, and without you needing to deal directly with the complainant in return.

 

Ignore at your peril

 

The idea behind this sort of resolution procedure is obvious.

 

It avoids lawsuits and protracted (and often expensive) legal wrangling; it maintains the privacy of the alleged infringer and protects them from harrassment by aggressive complainants; and it typically leads to the speedy and effective resolution of genuine copyright issues.

 

Of course, the flip-side of this approach is that, because it’s intended to resolve the issue quickly without recourse to lawyers and court hearings, it depends upon a prompt and meaningful response.

 

In other words, if you ignore the complaint, then the service provider will typically resolve it in favour of the complainant, perhaps by blocking access to the offending post or article unilaterally, or deleting it entirely.

 

Depending on the nature of the alleged infringement, or on how many times you’ve infringed before, the service may also decide to suspend your account temporarily, or even you lock you out of your account altogether until you negotiate your way back in.

 

Grist to the cybercrime mill

 

As you can imagine, this type of interaction is ripe for abuse by phishing scammers.

 

Whether they’re sending you fake emails or instant messages, crooks know that you know that copyright infringements can’t just be ignored, because doing so could end up with you getting locked out of your account.

 

And if you’ve ever been locked out of a social media account, you’ll know what a palaver it can be to get back in again, not least because you first have to prove to the service provider concerned that you really are the original account holder, which often involves back-and-forth negotiation involving scanned IDs and other personal documents.

 

So, the crooks figure that many people are more inclined to “click the link” in a copyright infringement notice than in an email pretending to be from their bank or their email provider.

 

Of course, in many of these scams, the first step is to take you to a fake login page for the service concerned, and ask you to login. (We’ve even seen scams of this sort that ask for the current 2FA login code from your authenticator app, thus greatly reducing your security by pretending to take it seriously.)

 

What to do?

 

Learn in advance how your online services handle disputes or security issues. Don’t get taken in by warnings you receive by email. Find your own way to the real site and use the service’s own help pages to find out how the service will contact you, and the correct procedure to follow if they do. Forewarned is forearmed.

 

Talk to a friend you can trust who’s already been through a copyright complaint. Each online service does it slightly differently, so it can be challenging the first time you do it for real. Talk to someone who has been there before and you will not only know the right way to respond, but also find it much easier to spot the fraudsters.

 

Never make contact via emailed links or phone numbers. If you need to login to a site such as Instagram for some official purpose, find your own way there, for example via a bookmark you created earlier, or by using the official mobile app. That way, you’ll avoid putting your real password into the wrong site. If you need to call your bank, or any other company you do business with, look up the phone number on previous correspondence that you know came from that company. Links, email addresses and phone numbers in text messages or emails could have come from anyone, and probably did.

 

Never give away information or change account settings because you’re told to. Once you have called a scammer’s phone number, they may “helpfully” guide you towards installing software, changing settings or reading out private details as a prerequisite to “assisting” you. Don’t do it. Find someone you already know and trust instead (e.g. a member of your own IT team from work, or a trusted friend in your own circle) and ask them directly.

 

If one of your friends or family is vulnerable to telephone pressure, make sure they know to call you first to ask for advice, instead of calling numbers they’re confronted with in text messages, emails or on websites.

 

Paul Ducklin, Principal Security Researcher, Sophos

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA