Per my usual morning routine when I get up, I spend a few minutes on my phone. The first thing I always do is check over the notifications that came in while I was sleeping, reply as needed. After that as a habit I update all the apps on my phone that need updating, and while that is happening I check my email.
The other morning while checking the email I noticed a new contact form had been submitted on my Home Owners Association site that I handle the IT side of things. Normally most of the emails that come in are neighbors inquiring about the HOA dues, events in the neighborhood, or once and a while a general question or complaint.
This one was a bit different, it was from Andre Escobar claiming to be the legal officer for Hubspot, Inc. The copyright infringement was about some images on the HOA site that seemed to belong to Hubspot. You can view the entire contents of the contact form below.
Hello, Your website or a website that your organization hosts is violating the copyright-protected images owned by our company (hubspot Inc.). Take a look at this official document with the links to our images you utilized at tacomahills.org and our previous publication to find the evidence of our copyrights. Download it now and check this out for yourself: https://storage.googleapis.com/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX I believe that you intentionally violated our legal rights under 17 USC Section 101 et seq. and can be liable for statutory damage of up to $110,000 as set-forth in Section 504 (c)(2) of the Digital millennium copyright act (”DMCA”) therein. This letter is official notice. I demand the removal of the infringing materials referenced above. Please take note as a service provider, the DMCA requires you to eliminate and/or deactivate access to the copyrighted content upon receipt of this particular notification letter. In case you don't stop the use of the aforementioned infringing materials a legal action can be started against you. I have a good self-belief that use of the copyrighted materials mentioned above as presumably violating is not authorized by the copyright owner, its agent, as well as legislation. I declare, under penalty of perjury, that the information in this letter is correct and hereby affirm that I am permitted to act on behalf of the proprietor of an exclusive and legal right that is allegedly violated. Very truly yours, Andre Escobar Legal Officer hubspot, Inc. hubspot.com 12/08/2021
I chose to sensor out the link to the document as it contains an iframe to another site (Which at the time of writing this was down anyways, but no reason to spread the spam link). Before I had my first cup of coffee I shared this with a coworker to let him know how my morning was starting, and before I even had a chance to look into it; he decided to look into it.
Upon some further investigation of this email, it was noticed that looking through legal.hubspot.com documentation, they always use HubSpot or HubSpot, Inc in their wording. This email mentions it as hubspot, Inc, mixing the case and not really in an official manner in terms of the company name. Also noted they’re also mixing “I” with “our” and “copy right owner” all up in that “official notice”.
That bundled together with an invalid email address and the link to a Google document it is evident that they were trying some sort of phishing/payment scam which is still unclear on how they were going to manage to achieve this. My coworker also did some searching and came across the exact same email posted on another site with some of the values switched out in the context of the message such as company name, persons name, and payment amount.
Overall it goes without saying, make sure when something strange shows up in your inbox that you take a moment to think, and research it to make sure it is indeed valid. As even the best of us can be scammed when not being causious!