A few days ago, I received an unusual comment on one of my posts on this blog. The comment claimed to be from a "certified illustrator" who claimed that I was using some of her copywritten images without credit. The comment included a link to a Google Drive document that supposedly contained a list of the offending images, and suggested that the illustrator would sue me if I did not promptly remove the images. The full message is duplicated in text below, and in screenshot form:
Hi there!
This is Melika and I am a certified illustrator.
I was baffled, frankly speaking, when I came across my images at your web-site. If you use a copyrighted image without my permission, you must be aware that you could be sued by the copyrigh owner.
It's not legal to use stolen images and it's so filthy!
Take a look at this document with the links to my images you used at www.megabearsfan.net and my earlier publications to get evidence of my copyrights.
Download it right now and check this out for yourself:
https://sites.google.com/site/case53703/googledrive/share/downloads/
file/storage?ID=6543774982793
If you don't delete the images mentioned in the document above within the next few days, I'll write a complaint against you to your hosting provider stating that my copyrights have been infringed and I am trying to protect my intellectual property.
And if it doesn't work, you may be pretty damn sure I am going to report and sue you! And I will not bother myself to let you know of it in advance.
This comment was posted on one of my blog posts, claiming that I would be used for the use of copywritten images.
I am reasonably certain that this message is a scam. If you see this message in your comments, or receive it in an email, do not open the link!
When I first read this comment, I naturally became worried. I do use images from the internet in many of my blog posts. I try to avoid using any content that I know is copywritten, but it's possible that some copywritten content may slip through. Maybe I don't know that it's copywritten, or maybe I get a duplicate from a source that used it (legally or not) without knowing that the original is copywritten. This is especially true for older posts. I've been doing this for over ten years, and I really didn't know what the heck I was doing at first.
If anybody ever does come across content on my blog that they believe is copywritten content that is used without consent or proper attribution, I invite you to inform me. I would be happy to either provide the proper credit or remove the offending content and replace it (if possible). Most of what I use is content that I consider to be used under Fair Use, but Fair Use doesn't necessarily cover everything.
Heck, I've seen some of the images that I've used on this blog duplicated in other places. Perhaps the highest-profile use that I've come across is that Jim Sterling used one of my Demon's Souls screenshots in one or two of his videos. I happen to love Jim Sterling's work, but even if I didn't, I wouldn't mind the use of the screenshot. But just because I don't mind some of my screenshots being replicated on the internet, it doesn't mean that others wouldn't be offended by their images being used without attribution or permission.
But this particular post seemed a bit odd. The first thing that stuck out to me was that the comment itself did not cite or refer to the particular allegedly "stolen" image. Furthermore, it was posted on a blog post about Star Trek, in which all but two images were stills from episodes or movies, which would be owned by CBS or Paramount, and not some random Shutterstock user named "Melika". Of the other two images, one was the promotional poster for a movie, and the other was a Picard facepalm meme, which I'm pretty confident nobody owns the copyright to.
So what is the offending image?
I was also a bit suspicious of the comment's language. It came off as a little hostile and unprofessional. No offer to discuss licensing or attribution. Just a threat to sue if the unspecified image(s) isn't removed. Bully tactics if I ever saw it.
The poster's username also contained a link to Shutter Stock (an online image repository), but it did not link to a specific user Id or profile or image collection. That also seemed suspicious. Had it linked to the user's image collection, I could have easily cross-referenced which images had been inappropriately used. Instead, all I had to work with was the Google Drive link.
The comment linked to a Google Drive doc that supposedly contained the list of offending images. I tried running the link URL through an online virus scanner called virustotal.com, which told me that the link was clean. So I downloaded the file and ran it through the Windows Defender scan. That scan reported that that the file contained malicious software called a Trojan.
The linked file contained a Trojan.
At this point, I was pretty sure I was dealing with some kind of scam -- or a very petty copyright holder. I did not unzip or open the file, so I'm not sure exactly what the included Trojan would have done. Maybe it was ransomware. Maybe it was a key-logger. Who knows? In any case, I did a full virus scan on my computer just to be safe, and I marked the comment as "spam".
I tried doing a Google search for this particular scam, which I probably should have done before attempting to download the file. Live and learn. I found many other blogs and websites that had comments containing the exact same message, just with different names for the supposed "certified illustrator". Some linked back to Shutter Stock, some to Photo Bucket, and also other photo repositories. In one case, I saw the same message posted five or six times in succession, each with a different username linking to a different photo repository website. This implies that the comment is being posted by a bot.
Some websites have the same comment posted multiple times.
A simple Google search for "I am a certified illustrator" will result in many websites with the same malicious comment. If you've received this comment on your blog or website, do not click on the link! It is a scam, and you may safely disregard and delete the comment. I bet this particular scam targets small, independent blogs and websites such as mine. It probably hopes that the individual(s) who maintain the site would panic and open the link out of fear, and that they don't have teams of lawyers on hand to review the legality of the claim. It only took a little bit of due-diligence on my part to expose it as a scam.
I'm posting this experience here in the hopes that it prevents anybody else from falling victim to this scam in the future.
I would like to report the link to Google, but I can't find a way to report a link. From what I can tell, the file would have to be on my Drive account in order for me to report it? Weird. If anybody knows how to report the link, feel free to do so, or let me know how so that I can report it. Thanks in advance.