A New Twist on Social Engineering Copyright Scams

Copyright law protects what refers to as “original works of authorship” and allows for individuals who use those works without proper authorization to be sued for damages, court costs, and attorneys’ fees. Unless you’re a professional writer, recording artist, or anyone else whose activities might run afoul of copyright statutes, you may be wondering what this could possibly have to do with you. Well, if you use social media sites, you might receive a message or email indicating that you have been accused of copyright infringement based on something you posted. Social media providers sometimes do send messages like these, but it may very well be a scam. You need to know what to look for in order to protect yourself.

How it works

In August 2021, Paul Ducklin of Naked Security posted an article on this subject to the company’s site at According to Ducklin, scammers have been using email and social media messaging to deliver fake copyright infringement notifications for years. This attack vector often targets Facebook and Instagram users, but is used on other platforms as well.

A social media user receives a message stating that they have posted something that violates a copyright and that a complaint has been filed. In most instances, the message appears to be from the social media site itself. As with other social engineering attacks, the scammer tries to create a sense of urgency to prompt the recipient to act quickly without doing any investigating. The recipient can either ignore the message, be sued, and possibly be required to pay attorney fees, a large settlement, and court costs or click an included link to access a site where the matter can be quickly resolved out of court using the dispute resolution process provided as a service of the social media platform. These dispute resolution services do exist, so that lends some credibility to the scam.

Of course, the link included in the scammer’s message takes the targets to malicious sites created by the cybercriminals.  If victims enter their social media login credentials, the criminal will have them.  If they enter any payment information to settle the fictitious claim, the attacker gets the money and now has the payment information, too.  These sites could also be used to deliver malware.


Scammers have modified the scam to bypass email filters

Cybercriminals constantly modify their attacks to defeat security controls designed to block them. Ducklin said recent messages have included phone numbers for the recipients to call rather than links for them to click. That’s because some of the emails sent have been getting blocked by filters based on the links they included. The new messages still convey a sense of urgency to try and get the recipient to act without verifying their authenticity. Ducklin’s article includes an example wherein the message stated the sender was notified that it had been read. The message included a same-day deadline by which the recipient had to call the phone number provided to prevent a lawsuit from being filed. Those who call the numbers will be speaking with con artists skilled in extracting information and convincing their victims to visit malicious sites.

Protecting yourself

Ducklin offered some suggestions that will help social media users stay clear of copyright scammers. Following are his recommendations along with others that will help you avoid becoming a victim of social engineering scams like this one.

•   Explore the social media site(s) you use to learn how they handle these types of disputes. Do some digging and, if needed, contact site support to find out what methods they use to contact their account holders when disputes arise. Do they send emails or social media messages? Will they ask you to call a phone number? Find out what you can in advance so that you’ll be better equipped to recognize and deal with a malicious message should you receive one.

•   As with other phishing scam variants, you should never click on links in suspicious messages or call any phone numbers included therein. Go to the social media site using the URL you know to be authentic and log in there. If you call by phone, use a number you know to be valid, not one provided in a message you received.

•   If you somehow end up in communication with someone you suspect is a scammer, end the conversation. Never allow yourself to be talked into providing any personal, payment, or account information, changing any settings on your account, visiting a site, or installing any application. Contact the social media site’s support personnel directly using a URL or phone number you know to be authentic and report the encounter.

•   Never give in to pressure tactics. Scammers try to pressure their targets into taking some immediate action without doing any research first. They may use time deadlines or threats. They don’t want you to take time to investigate their claims because they know you’ll find out it’s a scam.

Summing it up…

Social engineering attacks like this one are the most common methods used by cybercriminals because they target the human. Technical controls like malicious email filters are never 100% effective in blocking their efforts. Security controls incorporated into social media sites can’t always protect you, either. In fact, criminals love those sites because their users often post information they can use, like when they’ll be away on vacation, where they work, what their job titles are, their birthdays, and more. To protect yourself in today’s environment, you need to be aware of the tactics scammers and other cybercriminals use. As Ducklin said in his article, “forewarned is forearmed.”

Related posts

Why Should You Keep Your Devices Up To Date?

Sjir Bagmeijer

What makes social engineering a common phenomenon in today’s world

Sjir Bagmeijer

CISA Releases New Ransomware Readiness Assessment Tool

Sjir Bagmeijer