Warning to Website Owners using Contact Forms
Precautions for mail forwarding through your website’s contact form
If you own a website and use a CTA – Call-To-Action – asking prospective customers to connect with you through a contact form, be careful with these forwarded messages you receive in your inbox. Your company’s marketing efforts requires a certain degree of acceptable risk in using this method to ask prospects to reach out to you but we can use some common sense tests before acting upon these emails. When the prospective client – or bad guy – clicks the Send Button, the Email Forwarding service takes the information collected and sends it to the email address you tell it to deliver to and applies a Subject line of:
New Message From ‘Your Website’s Name’.
Today I received a typical email from the contact form sent from a website that I manage. In it, the person claims that I stole images used on this website and for proof, they asked me to click the link they included in the email. Wow, this is a pretty good one! Had I not stopped myself from acting on my angry emotional response to this claim, I probably would have been infected with some form of malware or worse, installed ransomware on my device and been locked out from its use until I paid the ransom.
Some steps to protect yourself
Diligence in today’s connected world dictates that individuals and companies take proactive preventative measures to try to thwart these bad guys from gaining our trust and then infecting our devices. First, they are getting better at plying human emotions so if you do fall victim, don’t beat yourself up too much. Many smart people have succumbed to these nefarious and awful thieves. With that said, here is some of what I received today for us to use as a learning tool.
This is Melanka and I am a qualified illustrator.
I was surprised, mildly speaking, when I found my images at your website. If you use a copyrighted image without an owner’s consent, you must be aware that you could be sued by the copyright holder.
It’s against the law to use stolen images and it’s so low!
Here is this document with the links to my images you used at (www.website.com) and my earlier publications to get the evidence of my legal copyrights.
Download it right now and check this out for yourself: (Wow, really!)
https://sites.google.com/view/id***************/home/drive/storage/file/download?FileID=*************** (I removed the file id’s)
If you don’t remove the images mentioned in the document above within the next several days, I’ll file a complaint against you to your hosting provider letting them know that my copyrights have been severely infringed and I am trying to protect my intellectual property.
And if it is not enough, for damn sure I am going to take legal action against you! And you won’t receive the second notice from me.
As you can see, this is a rather cunning attempt to get me to act based on my emotional response to the claim and this Phishing attach (Fishing for my knee-jerk reaction) has just enough credibility to almost get me to click the included link. It starts out nice and somewhat friendly but quickly and progressively gets more and more threatening. Notice that he does not give a full name, a company name, nor links to the offending website and names of the images he claims are his. Here are some things to check when you receive emails from your websites contact form or any unknown source sent to any email address.