Recently, web site maintainers in MCECS have been receiving phishing emails disguised as complaints about the misuse of copyrighted images on their sites. The emails are often submitted through a contact form or to published contact email addresses.

They often have a title that looks like:

You have no legal rights to use my images for www.pdx.edu without my permission! It’s illegitimate! You’re committing a legal offense! You must get rid of my images out now!!!!!

and guide you to a link that purports to download a document containing pointers to illegally used images. The link will usually be to a google site, appearing to add a sense of legitimacy to it.

This is a classic phishing spam with the potential to download malware. Make sure that you DO NOT click on any links in these emails. (It’s a good idea to be skeptical about links you receive in emails, especially unsolicited ones.) These spams have been circulating around the country since June but seem to be really hitting MCECS in the last few weeks.

If you get one of these, we recommend you:

1) Forward a copy to abuse@pdx.edu so that OIT’s security team gets a data point. (You can also copy support@cat.pdx.edu so we know there has been another sighting.)

2) Mark it as spam. This will help Google’s spam mechanisms rate the email negatively.

If you have clicked on the download link, let us know. If you did so on a CAT supported computer, we can usually check to see if there was an attempt at downloading something known to be malicious. In the case of your personal computers, make sure that your computers are always patched and that antivirus mechanisms are always functioning and up-to-date.