Copyright Infringement Warning as Phishbait


Scammers are using fake copyright infringement warnings to trick people into handing over their Instagram credentials, Naked Security reports. The warnings arrive in emails that appear to come from Instagram and warn recipients that their accounts will be suspended if they don’t file an objection within twenty-four hours. If a recipient clicks on the link to file the objection, they’ll be taken to a phishing page that imitates Instagram’s appearance.

After a victim enters their username and password to supposedly file an appeal, they’ll see a loading page followed by a green checkmark and a message telling them their appeal has been filed. Finally, the site will redirect them to Instagram’s real login page.

Once the scammers have gained access to an Instagram account, they can use it for information gathering, monetization, or spreading additional phishing schemes to the account’s contacts.

Naked Security notes that the phishing site in this case has a long URL beginning with “instagram[.]copyrightinfringementappeal.” Putting “instagram” in the leftmost label makes the hostname look legitimate at a glance, while the registrable domain, the part that actually determines who controls the site, sits further to the right where most users never look. Mobile devices are particularly susceptible to this technique, since their address bars have less room and truncate long URLs.

However, Naked Security also points out multiple red flags that could have alerted users to the fraud. First, the email and website both contained obvious typos and grammatical errors. Second, the email was sent through a Turkish hosting company rather than from Instagram, and the phishing site was hosted under a “[.]cf” domain, the country-code top-level domain of the Central African Republic. Finally, a quick search would have shown that Instagram’s copyright appeals process doesn’t actually work like this.
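The two checks described above, looking past the subdomain labels to the registrable domain and checking the real sender domain rather than the display name, can be automated. The following is an added example written for this page, not code from Naked Security or from the original post. The sample URLs, the sender addresses, the brand list and the cut-down public-suffix list are all constructed for the demonstration; the real phishing hostname is not reproduced.

```python
"""Flag brand look-alike URLs and mismatched senders by registrable domain.

Added example: sample data is constructed, and PUBLIC_SUFFIXES is a tiny
stand-in for the real Public Suffix List.
"""
from email.utils import parseaddr
from urllib.parse import urlsplit

# Stand-in for the Public Suffix List, limited to what the samples need.
# Real code should load the full list (for example via the tldextract
# package) because suffixes such as co.uk span more than one label.
PUBLIC_SUFFIXES = {"com", "net", "org", "cf", "co.uk", "com.tr"}

# Brands worth protecting and the registrable domains they actually own.
# Only instagram.com comes from the article; the rest is constructed.
BRAND_DOMAINS = {
    "instagram": {"instagram.com"},
    "facebook": {"facebook.com"},
}


def registrable_domain(host: str) -> str:
    """Return the registrable domain (eTLD+1) of a hostname.

    'instagram.copyrightinfringementappeal.example.cf' -> 'example.cf'
    """
    labels = host.lower().rstrip(".").split(".")
    # Candidate suffixes are tried longest first, so a two-label suffix
    # such as 'co.uk' is matched before plain 'uk' would be.
    for i in range(len(labels) - 1):
        if ".".join(labels[i + 1:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i:])
    return ".".join(labels[-2:])


def assess_url(url: str) -> dict:
    """Describe why a link is (or is not) a brand look-alike."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    reg = registrable_domain(host)
    # Everything left of the registrable domain is attacker-chosen naming
    # and proves nothing about who runs the site.
    sub_labels = host.split(".")[: -len(reg.split("."))]
    flags = []
    for brand, owned in BRAND_DOMAINS.items():
        if reg in owned:
            continue  # the brand's own domain; nothing to flag
        if brand in sub_labels:
            flags.append(f"'{brand}' is only a subdomain label under {reg}")
        elif brand in reg.split(".")[0]:
            flags.append(f"'{brand}' is embedded in unrelated domain {reg}")
    tld = reg.rsplit(".", 1)[-1]
    owned_anywhere = any(reg in owned for owned in BRAND_DOMAINS.values())
    if len(tld) == 2 and not owned_anywhere:
        flags.append(f"country-code TLD .{tld} is not used by any protected brand")
    return {"host": host, "registrable_domain": reg, "flags": flags}


def is_suspicious(url: str) -> bool:
    return bool(assess_url(url)["flags"])


def sender_matches_brand(from_header: str, brand: str) -> bool:
    """Check the address part of From:, never the display name."""
    _display_name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1]
    return registrable_domain(domain) in BRAND_DOMAINS.get(brand, set())


if __name__ == "__main__":
    # Constructed samples modelled on the article's description.
    for u in (
        "https://instagram.copyrightinfringementappeal.example.cf/appeal/42",
        "https://instagram-appeals.com/login",
        "https://www.instagram.com/accounts/login/",
    ):
        print(u, "->", assess_url(u))
    print(sender_matches_brand("Instagram <noreply@mail.hosting-example.com.tr>", "instagram"))
```

Everything hinges on the registrable domain: labels to its left cost the attacker nothing, which is exactly why the phishing hostname led with “instagram”. The sender check reads the address, not the display name, because the display name is what a scammer sets to “Instagram”. Neither check replaces SPF, DKIM and DMARC verification; they are the quick triage a user or a mail filter can do before clicking.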

If someone doesn’t know to look for these red flags, however, it’s not hard to imagine them falling for this scam. New-school security awareness training can help your employees recognize signs of social engineering before they send their password to an attacker. Naked Security has the story:

Discover dangerous look-alike domains that could be used against you!

Our Domain Doppelgänger tool makes it easy for you to identify your potential “evil domain twins” and combines the search, discovery, reporting, and risk indicators, so you can take action now.

Better yet, with these results you can generate an online assessment test to see which domains your users recognize as “safe” for your organization. You then receive a summary of the test results to understand how security-aware your users are when it comes to identifying potentially fraudulent or phishy domains.

With Domain Doppelgänger, you can:

  • Search for existing and potential look-alike domains
  • Get a report with aggregated results that includes risk indicators, and
  • Generate an online “domain safety” quiz based on the results to administer to your end users

This is a complimentary tool and will take only a few minutes.

Domain Doppelgänger helps you find the threat before it is used against you.
