Photographers Targeted in Sophisticated Phishing Campaign Using Fake DMCA Notices
Photographers are the latest target in a sophisticated phishing campaign using fake copyright DMCA takedown notices to spread malware. A recent study by security firm Cofense has uncovered this tactic, with a Vietnamese campaign employing machine learning and AI tools to ensnare unsuspecting victims.
The campaign, dubbed 'Lone Star Stealer', preys on photographers' ethics and fear of copyright infringement. It uses convincing fake DMCA takedown notices, complete with seemingly legitimate details, to entice targets into clicking on malicious links. However, Cofense warns that these notices often lack key elements found in genuine DMCA takedowns, such as specific infringement details and contact information.
To spot these phishing attempts, Cofense recommends looking out for common signs. These include unusual language, fake names, and specific inconsistencies that indicate the notice isn't real. For instance, a real DMCA takedown notice will never ask you to click on a link to resolve the issue.
The campaign delivers legitimate-looking documents, often with a Python-installed attack hidden within. Malicious actors behind these attempts are likely using AI for translation and creating different email templates to evade detection. Cofense advises photographers and other potential targets to ensure all their work is original and to check copyrights to avoid panic when receiving such notices.
Hillary K. Grigonis, leading US coverage for Digital Camera World, reports that photographers must remain vigilant against these phishing attempts. By staying informed, checking for common signs of phishing, and maintaining original work, photographers can protect themselves and their devices from malware. Cofense recommends ongoing training and awareness to combat these evolving threats.
