The Open Rights Group (ORG) has warned of a new email phishing attack that takes advantage of the governments Digital Economy Act (DEAct) by attempting to extort money from innocent internet users in the UK via FAKE notification letters, which allege to have detected copyright infringement (piracy) on the users broadband connection.
The fake is poorly written but, like similar SCAMs, has been craftily designed to look as authentic as possible. No doubt future attacks will improve upon this, especially once Ofcom and the government have finally started to implement the real thing. The first official piracy warnings are expected to be sent during early 2014.
Advertisement
FAKE Internet Piracy Threat Letter from the Government
From: Digital Econnomy Act
Date: 29 June 2012 16:03
Subject: Penalties for breach of the law.From: Digital Economy Act
Date: Friday, June 29, 2012
Time: 4:55:09 pm
Reference number: 84Z43001-BMrs,Mr
Attention, your Internet access has been used to commit illicit acts, notified by a penal infraction. Indeed, your Internet access was used to make available, reproduce or access copyrighted and protected materials. This allow illegal consultation and reproduction of the materials without the authorization of their respective owners.
Such acts and reproduction are commonly called “pirating” and constitute a legal infringement which is punish by law.
Such usage of your Internet connection might have happened without your permission, or without your known.
However your are legally responsible for the usage made of your Internet connection.
It is your responsibility to supervise your installation and to make sure that it is not accessible by third party.What we do reproach you?
We reproach to have failed to supervise your Internet access and to have made it possible for third party to commit
copyright infringements.In order to solve this issue, it is demanded to you to proceed to the payment of a fine to avoid further legal pursuits.
To proceed please:1. Obtain a UKCASH code of £50: http://www.ukash.com/uk/en/where-to-get.aspx
2. Forward it to the below email address with your reference number: dea@[snip]If no answers are received within the next 5 days followed by the delivery of this email, the case would be transferred and
judged by the high court of London.Annex:
article 264A of DEA (digital economy act)
When carrying out a review under section 264 for a period, OFCOM must also carry out a review of the extent to which material included in media services during that period (taken together over the period as a whole) contributed towards the fulfilment of the public service objectives.More information available on http://www.legislation.gov.uk/ukpga/2010/24/pdfs/ukpga_20100024_en.pdf
The attack exposes a fairly obvious flaw in all letter writing system (easy to fake), although it must be stressed that the final notification letters from your ISP will NEVER demand payment and copyright holders will only be able to pursue a settlement case after the customer receives 3 or more letters within a 12-month period.
Likewise all of the official letters must be sent via first class mail (post). One defence against such phishing is to educate yourself about the new code (full summary) and to adopt a common sense approach to any similar requests (e.g. independently verify it with your ISP before doing anything).
Comments are closed