Jump to content

Piracy Phishing Scam Targets U.S. ISPs and Subscribers


NelsonG

Recommended Posts

scamFor more than a decade copyright holders have been monitoring unauthorized downloads. Traditionally this resulted in harmless takedown notices, but increasingly, these warnings are bundled with automated “fines.”

Rightscorp and CEG TEK are the best known anti-piracy outfits employing this tactic, and this week another party appeared to have joined.

TorrentFreak was alerted to a takedown notice Lionsgate purportedly sent to a Cox subscriber, for allegedly downloading a pirated copy of the movie Allegiant. Under threat of a lawsuit, the subscriber was asked to pay a $150 settlement fee.

This request is unique as neither Lionsgate nor its tracking company IP-Echelon are known to engage in this practice.

When we contacted IP-Echelon about Lionsgate’s supposed settlement offer, we heard to our surprise that these emails are part of a large phishing scam, which has at least one large ISPs fooled.

“The notices are fake and not sent by us. It’s a phishing scam,” IP-Echelon informed TorrentFreak.

For a phishing scam the fake DMCA notice does its job well. At first sight the email appears to be legit, and for Cox Communications it was real enough to forward it to their customers.

Fake takedown notice
IP-echelon-fake

If an ISP is fooled, the rest of the scam is even more convincing, since Cox then treats the email as a regular DMCA takedown notice. This means that they forward it to their customers from an official Cox address.

In reality, however, the ip-echelon.report domain isn’t owned by IP-Echelon and the settlement money goes directly to the phishers.

IP-Echelon and its clients are not happy with having their names exploited in this type of scam. They are aware of the issue and inform us that U.S. law enforcement is currently looking into the matter.

Meanwhile, they suggest that ISPs carefully check the PGP signature before forwarding any notices to their customers.

“The case is being investigated by US law enforcement. IPE notices are signed with PGP for ISPs to check authenticity,” IP-Echelon said.

One Cox subscriber who received a notice inquired about the matter in the ISP’s support forums. She says she didn’t download the movie in question, and wonders if it could be a scam.

“I know your email, if real, said not to contact you but I am not sure what to do. I don’t want to give into a scam or if real pay for something I didn’t do,” the subscriber writes.

In response, a Cox representative confirmed that the email is real and explained that it was forwarded by the network security team. Apparently, the phishing scam was good enough to have the security experts fooled.

TorrentFreak alerted Cox to the fake notices but at the time of writing we have yet to receive a response. Whether any other ISPs have fallen for the same scam is unknown at this point.

It’s ironic that Cox is getting caught up in this. The ISP previous refused to forward these type of notices, even legit ones, to its customers. However, this policy was reversed after they lost their court case against BMG late last year.

In any case, Internet subscribers who receive a settlement demand from IP-Echelon, whether it’s for Lionsgate or another copyright holder, should alert their ISPs to this phishing scam.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Torrentfreak?d=yIl2AUoC8zA Torrentfreak?i=t1VaO17ulhE:1b_gv41stD4:D
t1VaO17ulhE

View the full article

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Our picks

    • Wait, Burning Man is going online-only? What does that even look like?
      You could have been forgiven for missing the announcement that actual physical Burning Man has been canceled for this year, if not next. Firstly, the nonprofit Burning Man organization, known affectionately to insiders as the Borg, posted it after 5 p.m. PT Friday. That, even in the COVID-19 era, is the traditional time to push out news when you don't want much media attention. 
      But secondly, you may have missed its cancellation because the Borg is being careful not to use the C-word. The announcement was neutrally titled "The Burning Man Multiverse in 2020." Even as it offers refunds to early ticket buyers, considers layoffs and other belt-tightening measures, and can't even commit to a physical event in 2021, the Borg is making lemonade by focusing on an online-only version of Black Rock City this coming August.    Read more...
      More about Burning Man, Tech, Web Culture, and Live EventsView the full article
      • 0 replies
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
×
×
  • Create New...