We have received several reports of a malicious website visitor filling out contact forms on our station websites from a person named “Mel” claiming your website is using their images and that you must “delete them NOW”.
Do NOT click on the link within the form submission!
This is a classic phishing scheme. They want the unsuspecting victim who receives the notice to click on the link which goes to a Google Drive hosted file that if clicked can create serious vulnerabilities in the victim’s device and/or network.
They are pretending to be a “professional photographer” or “licensed photographer” going by the name “Mel” or “Melynda” with variations on the last name. They also use different fake email addresses and fake phone numbers.
Once the recipient clicks the link it will take them to a file download that will allow the hacker to seize control of the user’s device. The hacker will then be able to hold the user’s device hostage and demand a ransom or exploit access to the users’ system leading to further damage, compromised accounts, or injection of worms that infect the host machine and use it to launch attacks on others within the same network.
Here’s what the submission will look like. We have covered up personal information and some website information.
Some of the words will be changed from e-mail to e-mail to prevent spam detection, such as replacing “licensed” with “professional”, “against the law” with “illicitly”, “disgusting” with “filthy”.
If you ever receive a legitimate image complaint, it will not come through an “Advertise With Us” form. It will also name the image file without you having to click on anything.
We hope this raises awareness about this latest phishing scheme. If you have clicked the link in the past, ensure that you run a comprehensive virus scan on your machine and network.