Overview Details:

Avertium security teams have detected an uptick in “Stolen Images” phishing emails. This campaign accuses the email recipient of using copyrighted images without permission and threatens legal action if the stolen images are not removed from the organization’s website. A link to the photographer’s copyright documentation is provided, which downloads a malicious JavaScript file when clicked. While this campaign has been active for over a year, recent activity suggests this tactic is being used more widely against larger organizations.

How Avertium is Protecting Our Customers:

  • Avertium is monitoring for phishing activity and alerting customers if evidence of phishing is detected in their network.
  • Compromised devices have been isolated from the network pending full remediation.
  • IOCs related to this phishing campaign has been added to our managed SIEMs.


  • Be vigilant! Do not click on links in emails from untrusted senders.
  • Talk to your Avertium SDM about managed phishing training programs.


Contact us for more information about Avertium’s managed security service capabilities.