Jump to content

[BEWARE!] Latest News on Fiverr Scammers – Story

ryukyra

By ryukyra
in Tips for Sellers

 Share

Recommended Posts

  • Popular Post
ryukyra Rookie

ryukyra

Posted
  • Popular Post
Posted

Today I was hacked.

Through Fiverr.

It was both a terrifying and hilarious experience.

However, this is not a joke. My life depends on what I make through Fiverr, and my career is growing strongly because of Fiverr’s system. Let me share this story with you and buckle up because it’s been one hell of a ride. Take this as a warning but also as a lighthearted story, it ends well.

All of this happened in two hours, and I’m just now taking the time to make sure that it doesn’t happen to those who read the forums. I’ve been a seller on Fiverr for 9 months, and I’ve been growing steadily ever since I started. I thoroughly enjoy the platform and have nothing bad to say about it.

However, here’s a message I received three days ago.

1837103944_Screenshot2019-04-2611_47_04.thumb.png.3846317ae69202f6145d81b0b9f01e86.png

If you work on Fiverr on a regular basis, you know how busy it can get. It’s rewarding but also exhausting and very fast-paced. You barely have any time to think during the day and once you are done, you’re still thinking about work, which is something that I am currently working on to eliminate.

However, I’m a Translator/Copywriter. I work with word counts on a constant basis and here’s the thing; I KNOW that Excel files do not show the word count, and that’s why I understand if clients say they do not know how long the file is.

But I was called “miss”.
I mean… I should have known better there.

Me being stupid aside, the grammar was less than ideal, but I never even pay attention to that, I thought it was some Chinese buyer that couldn’t speak or write English very well. I get genuine buyers looking for translations for knockoff products, which is fine by me, as long as they are not scammers.

But something… something was fishy about this doc.

Please note that I’m not programming-savvy. I know how tech works, but I don’t know how Microsoft Office VBA does (environment for macros on Office products, Excel in particular). That’s what got me because I am VERY aware of scammers and I always ask questions in advance before downloading random docs.

This time, I wasn’t as cautious.

However, even when I was prompted to “include contents”, nothing happened, and I simply ignored the message going forward with my life on Fiverr. A happy working life, a productive one. Until I got this message today asking me to do a similar thing… in a different way.

232474843_Screenshot2019-04-2611_44_27.thumb.png.6d41ea8d0ff2ef5fd675cad8997c63ce.png

And again, I was in the midst of working.

Knowing how fast you can lose on an offer through Fiverr, I replied very fast. I have a method for this now, and it’s been working fine for the most part. However, I immediately noticed the resemblance with the previous message, and I was a lot angrier at the sender for showing yet another blank file.

Here’s the deal though.

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT. I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

I want you to focus on the “include contents” part. This scam technique is smart. They know you’re busy because Fiverr shows a lot of data around how much you work. So they send the file first in a general, nonchalant way. You notice there not being anything, BUT YOU ALREADY HAVE THE FILE ON THE PC.

This is most likely bot behaviour, so I’m not expecting there to be a person on the other side. However, as soon as you reply saying

There’s nothing!

you get a

Include contents, sir!

I mean, they asked nicely, right? So you do it.
That’s when you shouldn’t have done it.

The file itself has no problem, but somehow scammers are able to bypass antiviruses with this technique. I do not know how, but it’s real. After just five minutes of doing that, my browsers stopped working. I wasn’t allowed to go on the internet with perfectly functional providers, even my phone.

At first I thought it was the usual Wi-Fi hiccup, but oh no. I knew what was going on. I noticed the tangy smell of fish coming through the screen so much that I even texted my girlfriend acknowledging how annoying these people were BEFORE I would realise I was getting hacked.

Long story short – someone calls.
I glance at the screen of my personal cellphone.

+**** ********, ******, ****

But I live in Italy…

And I haven’t had contacts with people from London for months.

I have to be honest – I s*at my pants at that point.

Everything was going through my mind so fast that I couldn’t fathom it being real. Turn off the computer, change password, withdraw money on Fiverr, check on crucial data from my Mac (I have a personal and a work computer). This had never happened to me before, and it was scary.

However, I know how important privacy is. I know how damaging things like gossip, easy-to-spot passwords, and generally giving up a lot of data are. I’ve always been very cautious, using password managers, automatically erasing history data, clearing cache, clipboard, and so on.

But even then,

What did they know about me?

Were they able to see my financial statements?
Could they access my bank account?

Most importantly though,

Could they hack my Fiverr account?

You see, Fiverr is, by all means, amazing.

Not only did it give me the opportunity to work hard on things that I love, but it made them my career.

This is unprecedented in the tech world for people who aren’t as lucky as those living in large metropolitan areas, and Fiverr literally allowed me to move from a small city to a fantastic metropolitan area in Italy, Florence (I have no problem stating the city that I live in).

It’s where I met my girlfriend, and it’s where I feel at home.

So, there’s a lot that I have to thank Fiverr for, but there’s also a lot that they should improve on. This is not the only time that people try to scam me. I never thought they would succeed honestly, but they did, and it truly felt like a movie. I was helpless, going through menus to secure my data.

However exhilarating that might be, I don’t want this to happen to you.

I backup ALL my data through extremely secure cloud services. I also make physical copies every month. There is no space for data hiccups in my work environment, and it should be the same for you. However, you can’t help but wonder if these services really are all that secure when this happens?

For example, I know that I will have to change my phone number.
But when you think about it, there are so many things that are compromised now.

I am already working on installing a clean version of Windows through the BIOS on my laptop without even turning on the computer, but even then, did they block my BIOS? This is not a big issue to me because the laptop I was using for work was a lesser version of my personal one… on purpose.

However, I was thinking about upgrading.

What if this had happened with a 1000$+ machine containing my work life’s worth of data? That wouldn’t have been pretty. And even if my machine is worth around 250$, I still care about it; it’s worked for me and I still want to use it. It’s not just the price, it’s what you go through with these devices.

So, here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr, I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr, you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

Why do I say that it ended well?
Because I’ve already beaten them preemptively.

In two hours, all of what I’ve done for the past 9 months has worked in my favour.

There’s not a single password on my Google Chrome cache, not a single Word file with my passwords in it (surprisingly, I know a lot of people who do that), not a single way to get into my cloud services if they truly deliver what they promise in terms of security, and most importantly, not a way to access my most valued, most precious data.

I know this because I’ve been constantly cutting on the amount of info that people can see about me both on the internet and on my personal devices, and I’ll keep doing that on a constant basis.

You should do that too if you want to achieve success in a world where someone can send you a file and leave you a data-collecting voicemail/call just five minutes after getting into your computer. Of course, I didn’t pick up, and I blocked the number immediately.

This was my PERSONAL cellphone.
Nobody knows about it except people I care about.

With that said, I will go through all my passwords and change them this evening.
I will also do a whole bunch of security upgrades, which, by the way, are totally worth it.
Never ever skimp on security if you’ve got something to lose. Always keep an eye out for this stuff.

I hope my laptop will be recovered.
Otherwise, RIP second-hand Surface Pro 3.

I loved you, dearly.

In any case, I hope this was an interesting read. I’m actually happy this happened to me because it made me realise how far I have come and how much more there still is to do. Today, I can say that I was hacked, which is a freaking cool thing to say.

I might write abut it one day.

Peace,
Arrigo

Mod Note: Telephone number removed.

  • Like 51
Link to comment
Share on other sites
  • Replies 62
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

ryukyra
ryukyra

Today I was hacked. Through Fiverr. It was both a terrifying and hilarious experience. However, this is not a joke. My life depends on what I make through Fiverr, and my career is growing strongly bec

iamsachmusic
iamsachmusic

The first thing I do when someone sends a file is to click on their username and check when the account was created. If it is created within the past 1-2 months, then I do not open the file directly.

muhammadfaheem0
muhammadfaheem0

Can anybody summarize this story, please? It’s really loooooooong story. 🙂

Posted Images

iamsachmusic Collaborator

iamsachmusic

Posted
Posted

The first thing I do when someone sends a file is to click on their username and check when the account was created. If it is created within the past 1-2 months, then I do not open the file directly. I use VirusTotal, to check if the file is safe. If the VirusTotal says it has some virus(s) in it, then I immediately delete that file and just chat with the so-called potential buyer.

I have a MacBook Pro, so it had an option to press the spacebar and preview the file without actually opening it, so it also helps me to check if that is a real file or someone is trying to hack and overall Apple does have far better security than a Windows OS.

That is a good thing, that you upload your data on the servers. It is always safe there and no one can access it without your password. I even added 2-factor authentications for the more securities.

When someone is trying to hack your account, they will mostly say the same thing again and again: “Open the file. It has all the details”. That is another sign for a potential hacker.

That is very bad that the file was saying “No Viruses Found”. I don’t know what calculations they are using to confirm if the file has a virus in it or not.

I think it is better to use better hardware and software than the cheaper one. Security is important. Safety is important.

  • Like 13
Link to comment
Share on other sites
hanshuber16 Community Regular

hanshuber16

Posted
Posted

Can anybody summarize this story, please? It’s really loooooooong story. 🙂

It’s really loooooooong story.

I can see that the OP has put in great effort in writing such a detailed post about their unfortunate experience (which probably wasn’t an easy thing for the OP to do considering everything they’re having to deal with right now) so that other sellers don’t fall into the same trap. @ryukyra Thanks for that! 🙂

@muhammadfaheem0 Trust me… it’s worth reading the entire thing. You won’t be disappointed.

But, if you want a TL;DR, it is this:

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT . I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

  • Don’t trust Fiverr’s “No viruses found” notification that’s shown at the top of attached documents. In the OP’s case, Fiverr didn’t detect any issues with the files that the scammer used to hack the OP’s account/computer (possibly via macros/vba scripts).

here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr , I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr , you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!
  • Like 12
Link to comment
Share on other sites
muhammadfaheem0 Apprentice

muhammadfaheem0

Posted
Posted

It’s really loooooooong story.

I can see that the OP has put in great effort in writing such a detailed post about their unfortunate experience (which probably wasn’t an easy thing for the OP to do considering everything they’re having to deal with right now) so that other sellers don’t fall into the same trap. @ryukyra Thanks for that! 🙂

@muhammadfaheem0 Trust me… it’s worth reading the entire thing. You won’t be disappointed.

But, if you want a TL;DR, it is this:

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT . I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

  • Don’t trust Fiverr’s “No viruses found” notification that’s shown at the top of attached documents. In the OP’s case, Fiverr didn’t detect any issues with the files that the scammer used to hack the OP’s account/computer (possibly via macros/vba scripts).

here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr , I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr , you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

Trust me

Ok. Trusting you and gathering courage to read it all 😉

  • Like 5
Link to comment
Share on other sites
maitasun Grand Master

maitasun

Posted
Posted

It’s really loooooooong story.

I can see that the OP has put in great effort in writing such a detailed post about their unfortunate experience (which probably wasn’t an easy thing for the OP to do considering everything they’re having to deal with right now) so that other sellers don’t fall into the same trap. @ryukyra Thanks for that! 🙂

@muhammadfaheem0 Trust me… it’s worth reading the entire thing. You won’t be disappointed.

But, if you want a TL;DR, it is this:

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT . I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

  • Don’t trust Fiverr’s “No viruses found” notification that’s shown at the top of attached documents. In the OP’s case, Fiverr didn’t detect any issues with the files that the scammer used to hack the OP’s account/computer (possibly via macros/vba scripts).

here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr , I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr , you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

@muhammadfaheem0 Trust me…

179386_2.jpg.9d50aa7fb8b4e0c21acd07a6626c73d9.jpg ryukyra:

So, here’s what I have learned from this experience:

  1. Never trust anybody.

Ok. Trusting you

😳

:thinking:

😜

  • Like 14
Link to comment
Share on other sites
ryukyra Rookie

ryukyra

Posted
  • Author
Posted

The first thing I do when someone sends a file is to click on their username and check when the account was created. If it is created within the past 1-2 months, then I do not open the file directly. I use VirusTotal, to check if the file is safe. If the VirusTotal says it has some virus(s) in it, then I immediately delete that file and just chat with the so-called potential buyer.

I have a MacBook Pro, so it had an option to press the spacebar and preview the file without actually opening it, so it also helps me to check if that is a real file or someone is trying to hack and overall Apple does have far better security than a Windows OS.

That is a good thing, that you upload your data on the servers. It is always safe there and no one can access it without your password. I even added 2-factor authentications for the more securities.

When someone is trying to hack your account, they will mostly say the same thing again and again: “Open the file. It has all the details”. That is another sign for a potential hacker.

That is very bad that the file was saying “No Viruses Found”. I don’t know what calculations they are using to confirm if the file has a virus in it or not.

I think it is better to use better hardware and software than the cheaper one. Security is important. Safety is important.

I use VirusTotal , to check if the file is safe.

Thank you! I will check it out in the future.

Glad you read the post.

  • Like 6
Link to comment
Share on other sites
joxpress Explorer

joxpress

Posted
Posted

Today I was hacked.

Through Fiverr.

It was both a terrifying and hilarious experience.

However, this is not a joke. My life depends on what I make through Fiverr, and my career is growing strongly because of Fiverr’s system. Let me share this story with you and buckle up because it’s been one hell of a ride. Take this as a warning but also as a lighthearted story, it ends well.

All of this happened in two hours, and I’m just now taking the time to make sure that it doesn’t happen to those who read the forums. I’ve been a seller on Fiverr for 9 months, and I’ve been growing steadily ever since I started. I thoroughly enjoy the platform and have nothing bad to say about it.

However, here’s a message I received three days ago.

If you work on Fiverr on a regular basis, you know how busy it can get. It’s rewarding but also exhausting and very fast-paced. You barely have any time to think during the day and once you are done, you’re still thinking about work, which is something that I am currently working on to eliminate.

However, I’m a Translator/Copywriter. I work with word counts on a constant basis and here’s the thing; I KNOW that Excel files do not show the word count, and that’s why I understand if clients say they do not know how long the file is.

But I was called “miss”.

I mean… I should have known better there.

Me being stupid aside, the grammar was less than ideal, but I never even pay attention to that, I thought it was some Chinese buyer that couldn’t speak or write English very well. I get genuine buyers looking for translations for knockoff products, which is fine by me, as long as they are not scammers.

But something… something was fishy about this doc.

Please note that I’m not programming-savvy. I know how tech works, but I don’t know how Microsoft Office VBA does (environment for macros on Office products, Excel in particular). That’s what got me because I am VERY aware of scammers and I always ask questions in advance before downloading random docs.

This time, I wasn’t as cautious.

However, even when I was prompted to “include contents”, nothing happened, and I simply ignored the message going forward with my life on Fiverr. A happy working life, a productive one. Until I got this message today asking me to do a similar thing… in a different way.

And again, I was in the midst of working.

Knowing how fast you can lose on an offer through Fiverr, I replied very fast. I have a method for this now, and it’s been working fine for the most part. However, I immediately noticed the resemblance with the previous message, and I was a lot angrier at the sender for showing yet another blank file.

Here’s the deal though.

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT. I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

I want you to focus on the “include contents” part. This scam technique is smart. They know you’re busy because Fiverr shows a lot of data around how much you work. So they send the file first in a general, nonchalant way. You notice there not being anything, BUT YOU ALREADY HAVE THE FILE ON THE PC.

This is most likely bot behaviour, so I’m not expecting there to be a person on the other side. However, as soon as you reply saying

There’s nothing!

you get a

Include contents, sir!

I mean, they asked nicely, right? So you do it.

That’s when you shouldn’t have done it.

The file itself has no problem, but somehow scammers are able to bypass antiviruses with this technique. I do not know how, but it’s real. After just five minutes of doing that, my browsers stopped working. I wasn’t allowed to go on the internet with perfectly functional providers, even my phone.

At first I thought it was the usual Wi-Fi hiccup, but oh no. I knew what was going on. I noticed the tangy smell of fish coming through the screen so much that I even texted my girlfriend acknowledging how annoying these people were BEFORE I would realise I was getting hacked.

Long story short – someone calls.

I glance at the screen of my personal cellphone.

+**** ********, ******, ****

But I live in Italy…

And I haven’t had contacts with people from London for months.

I have to be honest – I s*at my pants at that point.

Everything was going through my mind so fast that I couldn’t fathom it being real. Turn off the computer, change password, withdraw money on Fiverr, check on crucial data from my Mac (I have a personal and a work computer). This had never happened to me before, and it was scary.

However, I know how important privacy is. I know how damaging things like gossip, easy-to-spot passwords, and generally giving up a lot of data are. I’ve always been very cautious, using password managers, automatically erasing history data, clearing cache, clipboard, and so on.

But even then,

What did they know about me?

Were they able to see my financial statements?

Could they access my bank account?

Most importantly though,

Could they hack my Fiverr account?

You see, Fiverr is, by all means, amazing.

Not only did it give me the opportunity to work hard on things that I love, but it made them my career.

This is unprecedented in the tech world for people who aren’t as lucky as those living in large metropolitan areas, and Fiverr literally allowed me to move from a small city to a fantastic metropolitan area in Italy, Florence (I have no problem stating the city that I live in).

It’s where I met my girlfriend, and it’s where I feel at home.

So, there’s a lot that I have to thank Fiverr for, but there’s also a lot that they should improve on. This is not the only time that people try to scam me. I never thought they would succeed honestly, but they did, and it truly felt like a movie. I was helpless, going through menus to secure my data.

However exhilarating that might be, I don’t want this to happen to you.

I backup ALL my data through extremely secure cloud services. I also make physical copies every month. There is no space for data hiccups in my work environment, and it should be the same for you. However, you can’t help but wonder if these services really are all that secure when this happens?

For example, I know that I will have to change my phone number.

But when you think about it, there are so many things that are compromised now.

I am already working on installing a clean version of Windows through the BIOS on my laptop without even turning on the computer, but even then, did they block my BIOS? This is not a big issue to me because the laptop I was using for work was a lesser version of my personal one… on purpose.

However, I was thinking about upgrading.

What if this had happened with a 1000$+ machine containing my work life’s worth of data? That wouldn’t have been pretty. And even if my machine is worth around 250$, I still care about it; it’s worked for me and I still want to use it. It’s not just the price, it’s what you go through with these devices.

So, here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr, I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr, you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

Why do I say that it ended well?

Because I’ve already beaten them preemptively.

In two hours, all of what I’ve done for the past 9 months has worked in my favour.

There’s not a single password on my Google Chrome cache, not a single Word file with my passwords in it (surprisingly, I know a lot of people who do that), not a single way to get into my cloud services if they truly deliver what they promise in terms of security, and most importantly, not a way to access my most valued, most precious data.

I know this because I’ve been constantly cutting on the amount of info that people can see about me both on the internet and on my personal devices, and I’ll keep doing that on a constant basis.

You should do that too if you want to achieve success in a world where someone can send you a file and leave you a data-collecting voicemail/call just five minutes after getting into your computer. Of course, I didn’t pick up, and I blocked the number immediately.

This was my PERSONAL cellphone.

Nobody knows about it except people I care about.

With that said, I will go through all my passwords and change them this evening.

I will also do a whole bunch of security upgrades, which, by the way, are totally worth it.

Never ever skimp on security if you’ve got something to lose. Always keep an eye out for this stuff.

I hope my laptop will be recovered.

Otherwise, RIP second-hand Surface Pro 3.

I loved you, dearly.

In any case, I hope this was an interesting read. I’m actually happy this happened to me because it made me realise how far I have come and how much more there still is to do. Today, I can say that I was hacked, which is a freaking cool thing to say.

I might write abut it one day.

Peace,

Arrigo

Mod Note: Telephone number removed.

Today, I can say that I was hacked, which is a freaking cool thing to say.

Lol, they left your sense of humor intact.

  • Like 5
Link to comment
Share on other sites
vovkaslovesnyy Mentor

vovkaslovesnyy

Posted
Posted

Just to confirm the entire story.
It happened with me for the first time since 2014.
This Holly also contacted me in the morning with the same intention:
2019-04-26_16-41-11.png.88ee6b083be2d83316a2635db130cfb8.png

However, Kaspersky Antivirus simply not allowed me to do anything with the file:
2019-04-26_11-45-14.png.1a831aadd3f74c8edec5fb8bf52de8f1.png

According to the information on their website, the file is infected with “Trojan-Downloader.MSOffice.SLoad”

This .doc/.docx document contains a script written in VBA (Visual Basic for Applications), which can be run in Microsoft Word. The script contains procedures for establishing a connection as well as downloading, saving, and running a file. The downloaded malware is most often ransomware that encrypts user data.

  • Like 9
Link to comment
Share on other sites
vovkaslovesnyy Mentor

vovkaslovesnyy

Posted
Posted

@vovkaslovesnyy @ryukyra have you reported this user? If not, you should.

Yes, sure!

When I saw “encrypt” word, I became a bit nervous 😱

I still remember how our office was totally paralyzed after a secretary opened a similar file on her computer and went to the shared folder. All our work was simply encrypted, and our admin didn’t have a fresh backup.

  • Like 5
Link to comment
Share on other sites
vid_agency Newbie

vid_agency

Posted
Posted

The first thing I do when someone sends a file is to click on their username and check when the account was created. If it is created within the past 1-2 months, then I do not open the file directly. I use VirusTotal, to check if the file is safe. If the VirusTotal says it has some virus(s) in it, then I immediately delete that file and just chat with the so-called potential buyer.

I have a MacBook Pro, so it had an option to press the spacebar and preview the file without actually opening it, so it also helps me to check if that is a real file or someone is trying to hack and overall Apple does have far better security than a Windows OS.

That is a good thing, that you upload your data on the servers. It is always safe there and no one can access it without your password. I even added 2-factor authentications for the more securities.

When someone is trying to hack your account, they will mostly say the same thing again and again: “Open the file. It has all the details”. That is another sign for a potential hacker.

That is very bad that the file was saying “No Viruses Found”. I don’t know what calculations they are using to confirm if the file has a virus in it or not.

I think it is better to use better hardware and software than the cheaper one. Security is important. Safety is important.

Wow, your comment is very helpful. Thanks iamsachmusic

  • Like 3
Link to comment
Share on other sites
ryukyra Rookie

ryukyra

Posted
  • Author
Posted

Just to confirm the entire story.

It happened with me for the first time since 2014.

This Holly also contacted me in the morning with the same intention:

2019-04-26_16-41-11

However, Kaspersky Antivirus simply not allowed me to do anything with the file:

2019-04-26_11-45-14

According to the information on their website, the file is infected with “Trojan-Downloader.MSOffice.SLoad”

This .doc/.docx document contains a script written in VBA (Visual Basic for Applications), which can be run in Microsoft Word. The script contains procedures for establishing a connection as well as downloading, saving, and running a file. The downloaded malware is most often ransomware that encrypts user data.

Just to confirm the entire story.

Thank you for the confirmation. I’m glad to know I am not the only one that has to go through this kind of fishy behaviour from people on Fiverr. I am getting better at figuring out how to spot this kind of stuff.

  • Like 6
Link to comment
Share on other sites
hanshuber16 Community Regular

hanshuber16

Posted
Posted

@muhammadfaheem0 Trust me…

179386_2.jpg.03e9c3dd7969c1f212059d2deca97950.jpg ryukyra:

So, here’s what I have learned from this experience:

  1. Never trust anybody.

Ok. Trusting you

😳

:thinking:

😜

@muhammadfaheem0 Trust me…

:rofl: Haha… You cracked me up… That was funny. 🙂

But, in my defense, please allow me to quote something the OP said out of context so that it works to my advantage 😜 :arrow_down:

Never trust anybody. I’m not saying on Fiverr

So, Fiverr is okay. 😜

just kidding.

134568_2.jpg.9d8bdfadfeea72c560402cbb04d09c9d.jpg

143866_2.jpg.edaf72e6e6f4168f11ee7731b29a9b43.jpg

  • Like 6
Link to comment
Share on other sites
misscrystal Veteran

misscrystal

Posted
Posted

Please everyone do not write long posts like this. It probably has some valuable information and I spent over five minutes reading part of it but I have a life to live and don’t want to read such a long essay.

I keep my posts as short as I possibly can, out of being mindful of people’s limited time to spend reading it.

  • Like 6
Link to comment
Share on other sites
manucornel Explorer

manucornel

Posted
Posted

Today I was hacked.

Through Fiverr.

It was both a terrifying and hilarious experience.

However, this is not a joke. My life depends on what I make through Fiverr, and my career is growing strongly because of Fiverr’s system. Let me share this story with you and buckle up because it’s been one hell of a ride. Take this as a warning but also as a lighthearted story, it ends well.

All of this happened in two hours, and I’m just now taking the time to make sure that it doesn’t happen to those who read the forums. I’ve been a seller on Fiverr for 9 months, and I’ve been growing steadily ever since I started. I thoroughly enjoy the platform and have nothing bad to say about it.

However, here’s a message I received three days ago.

If you work on Fiverr on a regular basis, you know how busy it can get. It’s rewarding but also exhausting and very fast-paced. You barely have any time to think during the day and once you are done, you’re still thinking about work, which is something that I am currently working on to eliminate.

However, I’m a Translator/Copywriter. I work with word counts on a constant basis and here’s the thing; I KNOW that Excel files do not show the word count, and that’s why I understand if clients say they do not know how long the file is.

But I was called “miss”.

I mean… I should have known better there.

Me being stupid aside, the grammar was less than ideal, but I never even pay attention to that, I thought it was some Chinese buyer that couldn’t speak or write English very well. I get genuine buyers looking for translations for knockoff products, which is fine by me, as long as they are not scammers.

But something… something was fishy about this doc.

Please note that I’m not programming-savvy. I know how tech works, but I don’t know how Microsoft Office VBA does (environment for macros on Office products, Excel in particular). That’s what got me because I am VERY aware of scammers and I always ask questions in advance before downloading random docs.

This time, I wasn’t as cautious.

However, even when I was prompted to “include contents”, nothing happened, and I simply ignored the message going forward with my life on Fiverr. A happy working life, a productive one. Until I got this message today asking me to do a similar thing… in a different way.

And again, I was in the midst of working.

Knowing how fast you can lose on an offer through Fiverr, I replied very fast. I have a method for this now, and it’s been working fine for the most part. However, I immediately noticed the resemblance with the previous message, and I was a lot angrier at the sender for showing yet another blank file.

Here’s the deal though.

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT. I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

I want you to focus on the “include contents” part. This scam technique is smart. They know you’re busy because Fiverr shows a lot of data around how much you work. So they send the file first in a general, nonchalant way. You notice there not being anything, BUT YOU ALREADY HAVE THE FILE ON THE PC.

This is most likely bot behaviour, so I’m not expecting there to be a person on the other side. However, as soon as you reply saying

There’s nothing!

you get a

Include contents, sir!

I mean, they asked nicely, right? So you do it.

That’s when you shouldn’t have done it.

The file itself has no problem, but somehow scammers are able to bypass antiviruses with this technique. I do not know how, but it’s real. After just five minutes of doing that, my browsers stopped working. I wasn’t allowed to go on the internet with perfectly functional providers, even my phone.

At first I thought it was the usual Wi-Fi hiccup, but oh no. I knew what was going on. I noticed the tangy smell of fish coming through the screen so much that I even texted my girlfriend acknowledging how annoying these people were BEFORE I would realise I was getting hacked.

Long story short – someone calls.

I glance at the screen of my personal cellphone.

+**** ********, ******, ****

But I live in Italy…

And I haven’t had contacts with people from London for months.

I have to be honest – I s*at my pants at that point.

Everything was going through my mind so fast that I couldn’t fathom it being real. Turn off the computer, change password, withdraw money on Fiverr, check on crucial data from my Mac (I have a personal and a work computer). This had never happened to me before, and it was scary.

However, I know how important privacy is. I know how damaging things like gossip, easy-to-spot passwords, and generally giving up a lot of data are. I’ve always been very cautious, using password managers, automatically erasing history data, clearing cache, clipboard, and so on.

But even then,

What did they know about me?

Were they able to see my financial statements?

Could they access my bank account?

Most importantly though,

Could they hack my Fiverr account?

You see, Fiverr is, by all means, amazing.

Not only did it give me the opportunity to work hard on things that I love, but it made them my career.

This is unprecedented in the tech world for people who aren’t as lucky as those living in large metropolitan areas, and Fiverr literally allowed me to move from a small city to a fantastic metropolitan area in Italy, Florence (I have no problem stating the city that I live in).

It’s where I met my girlfriend, and it’s where I feel at home.

So, there’s a lot that I have to thank Fiverr for, but there’s also a lot that they should improve on. This is not the only time that people try to scam me. I never thought they would succeed honestly, but they did, and it truly felt like a movie. I was helpless, going through menus to secure my data.

However exhilarating that might be, I don’t want this to happen to you.

I backup ALL my data through extremely secure cloud services. I also make physical copies every month. There is no space for data hiccups in my work environment, and it should be the same for you. However, you can’t help but wonder if these services really are all that secure when this happens?

For example, I know that I will have to change my phone number.

But when you think about it, there are so many things that are compromised now.

I am already working on installing a clean version of Windows through the BIOS on my laptop without even turning on the computer, but even then, did they block my BIOS? This is not a big issue to me because the laptop I was using for work was a lesser version of my personal one… on purpose.

However, I was thinking about upgrading.

What if this had happened with a 1000$+ machine containing my work life’s worth of data? That wouldn’t have been pretty. And even if my machine is worth around 250$, I still care about it; it’s worked for me and I still want to use it. It’s not just the price, it’s what you go through with these devices.

So, here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr, I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr, you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

Why do I say that it ended well?

Because I’ve already beaten them preemptively.

In two hours, all of what I’ve done for the past 9 months has worked in my favour.

There’s not a single password on my Google Chrome cache, not a single Word file with my passwords in it (surprisingly, I know a lot of people who do that), not a single way to get into my cloud services if they truly deliver what they promise in terms of security, and most importantly, not a way to access my most valued, most precious data.

I know this because I’ve been constantly cutting on the amount of info that people can see about me both on the internet and on my personal devices, and I’ll keep doing that on a constant basis.

You should do that too if you want to achieve success in a world where someone can send you a file and leave you a data-collecting voicemail/call just five minutes after getting into your computer. Of course, I didn’t pick up, and I blocked the number immediately.

This was my PERSONAL cellphone.

Nobody knows about it except people I care about.

With that said, I will go through all my passwords and change them this evening.

I will also do a whole bunch of security upgrades, which, by the way, are totally worth it.

Never ever skimp on security if you’ve got something to lose. Always keep an eye out for this stuff.

I hope my laptop will be recovered.

Otherwise, RIP second-hand Surface Pro 3.

I loved you, dearly.

In any case, I hope this was an interesting read. I’m actually happy this happened to me because it made me realise how far I have come and how much more there still is to do. Today, I can say that I was hacked, which is a freaking cool thing to say.

I might write abut it one day.

Peace,

Arrigo

Mod Note: Telephone number removed.

Long story short – someone calls.

I glance at the screen of my personal cellphone.

+**********

I’ve read about the infected Word and Excel files that come with scripts that run when you open them, but what does has to do with your phone number? How is your phone number connected to your PC? :thinking:

I am glad you had a back-up and that the other user has an antivirus that detect it.

Mod Note: Quoted text edited.

  • Like 6
Link to comment
Share on other sites
maitasun Grand Master

maitasun

Posted
Posted

About Kaspersky Anti Virus: Don’t use that unless you want that program to install it’s own spyware on your computer. I’m surprised that is still being sold.

About Kaspersky Anti Virus: Don’t use that unless you want that program to install it’s own spyware on your computer.

To be honest, I never knew about it until the moment I read @vovkaslovesnyy’s post .

I use Eset.

  • Like 4
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...