
Can I get hacked by a buyer if I download a file through Messages?


acurron75

Question

24 answers to this question


  • 0
On 1/12/2022 at 7:15 PM, mauro_523 said:

Actually I was about to write a post about my experience here. Fiverr is not as safe as this comment claims:

Sadly, it is completely the opposite. While Fiverr scans every file sent through the platform, it has no way of scanning links or compressed files. Some so-called "buyers" will message you and send you a link. Once you open the link you are done, your system has been potentially compromised to whatever ill intention they have. Be careful out there. I have been receiving these kinds of messages with suspicious links quite frequently these past 2 months.

@mauro_523 Can you tell me more about harmful and phishing links? Also, what is your bad experience with your buyer about any harmful link?

  • Like 39
  • Up 1

  • 0

As a strong rule to follow, "Yes", all links and downloads should be considered suspicious. With that, you are using caution on every action you take online. Now, using the understanding of secure communications within a web application, ask yourself the following:

  • Is your PC/device up to date?
  • Does your PC/device have antivirus and antimalware software?
  • Is your browser up to date?
  • Does your browser URL bar show the "lock" mechanism indicating a secure connection?

Now, within the web application (Fiverr.com) you receive a private message from another user. I do not find these messages to be screened thoroughly. I have received several external URLs to Google documents, held on the outside of Fiverr.com's environment. As a Security Professional, that is an immediate red flag and would be cause for concern with that user. You can use some validation techniques if you desire: try copy/pasting the URL sent by this user and checking it at virustotal.com and urlscan.io. While these websites are 100% in investigative confirmations of nefarious actions, they will give you a good idea if the URL that was sent to you is trustworthy or not.

I will also submit, that while only being on Fiverr for a short time, I have received several suspicious messages from "users", where some were listed as "business accounts", asking me to perform services not specified on my listed gigs.  Such as performing a "sit-in" at a table top meeting on a web application kick off meeting (serious??) and some other random tech requests that just didn't make sense. All of those users sent me an external URL/link that they wanted me to click to see if "I was able to accept the gig".   

There is no lack of scammers in the world of "services" via the internet. Social media (Facebook in particular) is ate up with people being scammed over the most basic failure of trust requests; it's really sad. Fiverr will be no different, and until they can find a way to mitigate and scan these types of acts (which I doubt they will be able to or will dedicate the time to manage this type of issue), you just have to be cautious with everything. Fiverr is a great way to earn money and build your professional resume, but don't let emotion, money, or lack of activity push you into making a silly error.

Bottom line: don't accept messages or gigs that are not officially presented through Fiverr.com's formal services. Report all messages that do offer services via outside discussion to Fiverr and block them.

If anyone on Fiverr needs advice or has questions about a private message offer that doesn't appear authentic or some sort of security concern around a "gig" you are performing, PLEASE reach out to me! I (DMZ Consulting) will be more than happy to help! If it's about an official message or security tasks concerning an official gig on Fiverr, I will answer your question for free. We all need to be safe!

Good luck!

  • Like 17
  • Thanks 2

  • 0

I am glad someone is speaking about this, because I just received a suspicious message concerning one of my gigs.

It was a translation work from English to Spanish, a blog post, they said. 

I didn't exactly click on the link that he/she provided, yet I copied and pasted it onto a special browser that blocks any trackers while it hides my vpn. When I opened it, it seemed like a regular blog page.  What is suspicious to me is the "offer wall" that appeared in the blog. I risked myself and clicked on it but nothing happened... Luckily. 

 

I had an odd feeling and decided to scan the pages through the tools provided in this thread. It showed that all was clean, but there was an absence of security rating. Let's see what will happen with the document they're about to send me.

[Three screenshots attached]

 

  • Like 3
  • Thanks 1

  • 0

It happened to me 1 year ago. I downloaded a zip file and when I opened it, I lost all of my data. I saw a text file in every folder on my PC. There was an email to contact them. They asked me to send them 500 USD to solve this problem. I suggest everybody use security software such as ESET or Kaspersky to protect their computer.

  • Like 2
  • Up 1

  • -1

Yes You Can

If someone sends you a .exe file or any kind of image that is already corrupted, if you open it, you will see a website that looks the same as Fiverr, and if you then input any kind of credential that you have already used, the hacker can easily monitor your browser; it's like extensions or add-ons.

So when someone gives you any files, before you open them you must check them with the VirusTotal website, and you must enable the Windows 10 Firewall.

 

  • Like 38
  • Up 2

  • -1
On 1/12/2022 at 7:15 PM, mauro_523 said:

Actually I was about to write a post about my experience here. Fiverr is not as safe as this comment claims:

Sadly, it is completely the opposite. While Fiverr scans every file sent through the platform, it has no way of scanning links or compressed files. Some so-called "buyers" will message you and send you a link. Once you open the link you are done, your system has been potentially compromised to whatever ill intention they have. Be careful out there. I have been receiving these kinds of messages with suspicious links quite frequently these past 2 months.

If a buyer sends me a suspicious link, then what will I do? Report to Fiverr?

  • Like 28

  • -1
On 1/12/2022 at 7:15 PM, mauro_523 said:

Actually I was about to write a post about my experience here. Fiverr is not as safe as this comment claims:

Sadly, it is completely the opposite. While Fiverr scans every file sent through the platform, it has no way of scanning links or compressed files. Some so-called "buyers" will message you and send you a link. Once you open the link you are done, your system has been potentially compromised to whatever ill intention they have. Be careful out there. I have been receiving these kinds of messages with suspicious links quite frequently these past 2 months.

I've also been receiving these kinds of messages with suspicious links quite frequently. But I don't click these links. I answer them, 'Sorry. Why not here? We can discuss here.'

  • Like 22

  • -1
On 1/18/2022 at 8:48 PM, shahadatsajib said:

@mauro_523 Can you tell me more about harmful and phishing links? Also, what is your bad experience with your buyer about any harmful link?

I think I haven't compromised my system by clicking anything suspicious so far, so I don't have any bad experiences to share... but I have been receiving more and more of these requests with suspicious links (again, I don't know what the links do or where they take you because I don't click them). A usual request with a suspicious link looks like this:

[Screenshot_6.jpg]

(I have censored names and sensitive information as well as the link so no one goes and uses it)

Another great example is this one:

[Screenshot_5.jpg]

I don't know how they manage to hide the actual link but my browser showed a different link when I tried to click it. A good idea is to always hover your mouse over the link so your browser tells you exactly where that link is taking you.

Some other times they send you files named like something you would recognize (like a .zip or .pdf) but it's something else. Luckily, Fiverr does detect and block these:

[Screenshot_13.jpg]

Also, these images show the beginning of the pattern I have been using to detect these people. They always use the same wording ("i give you sample sir" gibberish) and most of the time very broken English. I have seen them swarming the buyer requests section with exactly the same message:

[Screenshot_1.jpg through Screenshot_4.jpg and Screenshot_7.jpg through Screenshot_12.jpg]

All these pictures were taken from the buyer requests section very few days (or hours) apart. I don't know why someone is so eager to make you click a link and quite frankly it scares me to even think about it. Sadly, I think we are being targeted and this only shows the beginning as most likely they will start changing their methods to something more effective.

On 1/23/2022 at 8:25 AM, mahedi_hossain said:

If a buyer sends me a suspicious link, then what will I do? Report to Fiverr?

But of course! Don't hesitate to report and block anyone with a suspicious attitude.  

  • Like 22
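
A check for the disguised files described in the post above (files "named like something you would recognize" that are something else), as an added example that is not part of any post: it compares the extension a file name claims with the file's leading bytes and computes the SHA-256, which can be searched on VirusTotal without opening the file. The function names, sample file names and sample bytes are constructed for this example.

```python
import hashlib
from pathlib import PurePath

# Well-known leading "magic" bytes for a few common formats.
MAGIC = {
    "pdf": [b"%PDF-"],
    "zip": [b"PK\x03\x04", b"PK\x05\x06"],
    "jpg": [b"\xff\xd8\xff"],
    "png": [b"\x89PNG\r\n\x1a\n"],
    "exe": [b"MZ"],  # Windows PE/DOS executable header
}
ALIASES = {"jpeg": "jpg", "docx": "zip", "xlsx": "zip", "scr": "exe", "dll": "exe"}
RUNNABLE = {"exe", "scr", "dll", "bat", "cmd", "msi", "js", "vbs", "lnk"}

def sniff(data: bytes):
    """Return the format implied by the file's first bytes, or None."""
    for kind, signatures in MAGIC.items():
        if any(data.startswith(sig) for sig in signatures):
            return kind
    return None

def triage(filename: str, data: bytes) -> dict:
    """Compare what the name claims with what the bytes are; nothing is executed."""
    exts = [s.lstrip(".").lower() for s in PurePath(filename).suffixes]
    claimed = exts[-1] if exts else ""
    expected = ALIASES.get(claimed, claimed)
    actual = sniff(data)
    reasons = []
    if expected in MAGIC and actual != expected:
        reasons.append(f"named .{claimed} but content looks like {actual or 'unknown data'}")
    if actual == "exe" and claimed not in RUNNABLE:
        reasons.append("Windows executable hidden behind a non-executable name")
    if claimed in RUNNABLE and len(exts) > 1:
        reasons.append(f"double extension: .{exts[-2]}.{claimed}")
    return {
        "sha256": hashlib.sha256(data).hexdigest(),  # search this hash instead of opening
        "claimed": claimed, "actual": actual, "reasons": reasons,
    }

# Constructed sample inputs (file names and bytes are made up for this example).
SAMPLES = {
    "sample.pdf": b"MZ\x90\x00\x03\x00\x00\x00",
    "brief.pdf": b"%PDF-1.7\n%...",
    "photo.jpg.exe": b"MZ\x90\x00\x03\x00\x00\x00",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, triage(name, blob))
```

An empty `reasons` list only means the name and the leading bytes agree; it says nothing about whether the content is safe.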

  • -1
On 2/2/2022 at 11:46 AM, dmz_consulting said:

at virustotal.com and urlscan.io.  While these websites are 100% in investigative confirmations of nefarious actions, they will give you a good idea if the URL that was sent to you is trustworthy or not. 

Thank you very much for sharing your tools. It is really important to raise awareness on how to counteract these issues.
What I usually do when I receive links here on Fiverr is to copy them and open them in a virtual machine, just to check what the link contains without the risk of damaging my own system... But as you say, the best way to detect these is to use our own criteria.

  • Like 9
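
The hover check recommended earlier in the thread, done mechanically, as an added example that is not part of any post: for each link in a message it compares the address shown in the link text with the real destination and flags a few other signs that deserve a closer look. It assumes the message is available as HTML; the function names, the sample message and its domains are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def shown_host(text):
    """Host name the visible text claims, if the text itself looks like a URL."""
    text = text.strip()
    if not text or " " in text or "." not in text:
        return None
    return urlsplit(text if "://" in text else "http://" + text).hostname

def check_link(href, text):
    parts = urlsplit(href)
    host, reasons = parts.hostname or "", []
    shown = shown_host(text)
    if shown and shown.removeprefix("www.") != host.removeprefix("www."):
        reasons.append(f"text shows {shown} but link goes to {host}")
    if "@" in parts.netloc:
        reasons.append("text before '@' is not the host")
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("punycode host, possible look-alike domain")
    if host.replace(".", "").isdigit():  # IPv4 literal
        reasons.append("raw IP address instead of a domain name")
    return reasons

def audit_message(html):
    collector = LinkCollector()
    collector.feed(html)
    return [(href, text, check_link(href, text)) for href, text in collector.links]

# Constructed sample message; example.* and 203.0.113.7 are reserved for documentation.
MESSAGE = """<p>sample: <a href="https://files.example.net/s">https://portfolio.example.com/s</a></p>
<p><a href="https://docs.example.org/brief">project brief</a></p>
<p><a href="https://orders.example.com@203.0.113.7/login">open order</a></p>"""
```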