Facebook “copyright violation” tries to get past 2FA – don’t fall for it!


Do you look after any sort of social media content?

If so, especially if it’s business related, you’ve probably received your fair share of copyright infringement complaints.

No matter how scrupulous you are about correctly licensing and attributing your content, you may be the victim of a scurrilous or over-zealous complainant.

For example, we went through a phase recently during which a spammer took to emailing us about images that we had licensed via Shutterstock, implying that we were using them illegally. (We were not.)

The spammer offered us specious conditions to help “regularise” our use of the image – complete with a thinly-disguised warning that “removing the image isn’t the solution since you have been using our image on your website for a while now.”

Sometimes, however, a complainant may be prepared to make a claim on the record by lodging a formal infringement complaint with the site where your content is hosted.

In such cases, you may indeed be contacted by the relevant social media company to try to sort the issue out.

Ignoring genuine complaints is not really an option, given that the social media site may decide to remove the offending material unilaterally, or even to lock you out of your account temporarily, if you don’t respond within a reasonable time.

As you can imagine, this creates an opening for cybercriminals to frighten you into responding by sending out a fake takedown message.

Fake infringement notice

Here’s how cybercriminals tried to use this attack against us today, starting with a short but simple email:

Notification of Alleged Copyright Violation

Recently there have been reports citing copyright violations of your Page posts.

Your case NNNNNNNNNNNNNN

[Continue]

If you don't appeal in 48 hours, your page will be unpublished.

Thanks
Kind Regards

The good news is that the English isn’t quite right, the email didn’t come from Facebook’s servers, and the email address of the sender is bogus.

In other words, you should be suspicious of this message right away and you shouldn’t click the link in it.

The bad news, however, given that many recipients might feel compelled to investigate further just in case, is that the link you’ll see when you hover over [Continue] does indeed take you to facebook.com.

That’s because it’s a fraudulent account on Facebook itself that’s pretending to be an official Facebook landing page for copyright infringement notices:

Use this form if something you posted was reported due to a copyright.

Appeal Form: https://facebook.com/copyright/NNNNNNNNNNNNNNNNNNNNNNNNNN

If you skip the appeal form or the appeal is rejected your page will be scheduled for deletion in 24 hours!

(C) Facebook, Inc. 415 Department, PO Box 10005, Palo Alto, CA 94303

The link on the Facebook page above looks as though it stays on facebook.com, but the URL you see in blue above isn’t the URL you visit if you click it.

That’s an old trick used by crooks – and even by some legitimate sites.

The text of a link isn’t where you end up if you click on it, because the actual target URL you visit is specified separately from the link text in HTML.

The text that is displayed as the clickable text in a web page is whatever appears between the tags (markers) <A> and </A> in the HTML source code.

But the link to which you actually navigate if you click on the link text, whether it looks like a URL or not, is specified by an HREF (hypertext reference) attribute in the HTML tag itself, as depicted below:

HTML source code showing a link that looks like a URL but with an HREF going somewhere different.
The above web page when displayed in a browser. What you see is not what you get.