Realms Unseen / unlocked Watch on YouTube
CASE 015 Drops July 14

The Copyright Violation Scam: A Warning That Steals Accounts

Also filed under: copyright violation phishing · fake copyright strike scam · account suspension phishing · Instagram copyright scam

That message warning your account violated copyright and will be deleted in 24 hours unless you appeal is a phishing scam, and the 'appeal' link is the entire crime. There is no violation, no review team waiting, and no deadline. There is only a fake login page with your name on the guest list.

The copyright angle is chosen with care. It sounds official, it sounds plausible (who among us is certain about every song in every story), and it threatens the thing you'd act fastest to save. Fear does the clicking. The scammer just holds the door.

Operator runs this con on camera July 14 at noon PT. Subscribe so it finds you

How the con runs

The bait arrives as a DM, email, or text dressed up as the platform: Instagram, Facebook, TikTok, YouTube, the logo is a copy-paste away. It cites a 'Copyright Infringement Detected' case number, threatens permanent deletion, and offers one exit: an appeal form, linked right there, ticking clock included. The sender is something like 'copyright-help-center' with a suspicious surplus of hyphens.

The link opens a login page that is a pixel-faithful clone of the real one. You enter your username and password to 'verify your identity' for the appeal. Some versions politely ask for the two-factor code too, and relay it to the real site in real time, which defeats the code you assumed made you unkidnappable.

The swap happens in minutes. He logs in, changes the email, then the password, then the recovery phone, in that order, so every reset lever now pulls toward him. Your session gets kicked, and the account that took you six years to build is now inventory, either held for ransom, used to phish your followers (a message from you converts beautifully), or sold outright on handle marketplaces.

Accounts with money attached, creator funds, shops, ad accounts, get the deluxe treatment: the scammer runs ad spend on your card or pivots your audience into a crypto scheme before you've finished finding the real support form.

Play defense

Already got hit?

  1. If you entered credentials but still have access: change your password immediately, enable two-factor authentication, and log out all other sessions from your security settings.
  2. If you're locked out: use the platform's hacked-account recovery flow, instagram.com/hacked for Instagram, facebook.com/hacked for Facebook, or the equivalent support path on TikTok or YouTube. Start immediately; recovery gets harder as he digs in.
  3. Change that password everywhere you reused it, which is the confession portion of the recovery process. A password manager prevents the sequel.
  4. Warn your followers from any channel you still control. Your hijacked account is now phishing the people who trust you, and speed limits the damage.
  5. If payment methods, shops, or ad accounts were attached, alert your bank or card issuer and check for unauthorized spend. Then report the phish at reportfraud.ftc.gov and ic3.gov.

Questions people ask at 2 a.m.

Is the copyright violation warning message on Instagram real?

If it arrived as a DM, email, or text with an appeal link, no. Real copyright notices appear in the platform's own in-app notifications and support center, never through a message link asking you to log in. The link leads to a phishing page that steals your credentials.

What happens if I clicked the link and logged in?

Assume your credentials are stolen. Change your password immediately, enable two-factor authentication, and force-logout other sessions. If you're already locked out, use the platform's hacked-account flow, such as instagram.com/hacked, and start right away, before the scammer changes your recovery email and phone.

How do platforms actually handle copyright violations?

Through in-app notifications, formal strike systems, and support-center appeals, on timelines measured in weeks, not hours. You'll never be required to sign in through a link in a message to respond, and legitimate enforcement doesn't threaten permanent deletion with a 24-hour countdown.