The users are being targeted with fake emails ostensibly sent by a German law firm by the name of "Dr. Kroner & Kollegen" that claims to represents Universal, Sony, EMI, Warner and Dreamworks.
The emails contain fake IP addresses and timestamps that seemingly prove that the users have downloaded unauthorized copyrighted material from Megaupload, and the "law firm" says that they are liable for fines up to 10,000 Euros.
But, it also offers them a way out: pay 147 Euros now, and this all goes away.
The email does look pretty legitimate at first glance, but some spelling errors and the lack of certain information such as the landline number of the law firm in the email should be enough to raise suspicion.
TorrentFreak also points out that "no specific copyright works are named and the claim is missing the usual ‘cease and desist’ element common to these schemes."
In another scheme targeting users of file-sharing sites, the name and logo of the German anti-piracy group GVU is also misused to trick users into parting with some cash.
The scheme - similar to one detected a couple of days ago - involves a piece of malware that, once installed and run, hijacks the users' browsers and takes them to a page that displays a fake GVU warning.
This time, the users are asked to pay up only 50 Euros, and to do so by via Paysafecard.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.