DCMA Act Notice Scam

Be aware.

There's a scam email about potential infringement of the Digital Millennium Copyright Act (DMCA) Act and images on your site being associated with a law firm's client. This isn't a new scam, it's just I got the email the other day.

Like most scams, this is engineered to make you believe it's real and send you into a panic to resolve the issue as quickly as possible. Then the solution is offered in the same email and it doesn't seem that bad after all.

Law Firm Email

A couple of weeks ago, I received an email from a law firm about an article on my website that used an image associated with their client's website. Note the wording, 'associated' not 'copyright'.

Now, there are a few things to note about the email.

1) Didn't address me by name but as the article's title with an embedded link

2) Gave me a link to the image which was hosted on Imgur (a popular image and memes sharing website)

3) Didn't demand cash just asked to place a link at the blog's footer to their client's website

4) Gave me a five-day deadline to respond

Investigation and Compliance

The threat appears scary and just as panic sets in, you read the solution doesn't seem that bad, no money has to change hands, and the article doesn't even need to be removed.

Curious, I checked out the law firm's website, which looked real. The partner was listed and had a LinkedIn profile.

Then I did a reverse domain check on the website of their client and found their traffic for a narrow niche was attracting serious juice.

In summary, the law firm was legit, the partner was real, and the website was generating traffic like it was going out of fashion. Everything added up to comply and be done with it.

Scam Email

The email is below for your viewing pleasure. I redacted parts.

It's a scam. See this article by trademarkia.

Taking Action

Black Hat SEO is when tactics are used to drive traffic to websites that contravene search engine policies. In the old, old days, this was as simple as writing keywords somewhere on your website in a font colour invisible to the naked eye.

The logic being people searching for a term would be end up on your website because your invisible keywords triggered the query answer algo. Using that technique today will get you penalised by search engines.

Don't click on any link. Don't feel you have to respond. Run a full antivirus scan on all your connected devices immediately.

If in doubt, consult your cybersecurity provider or legal friends.

Tip

While we're here, there are many lead generation providers who use LinkedIn scraped data to conduct campaigns. If you have time to try these out, use your own business and personal emails to test how up to date the information is.

I once did this for Middle East based provider and found an old email address. When I pointed this out I was told their dataset was based on 7 billion emails and they were right and I was wrong. "OK, bye", was my response.

If you want to protect your LinkedIn inbox and filter out the bots, put an emoji next to your profile name. Then if your name appears with the emoji, you know it's been bot scraped.