Clients sending requirements that look like phishing?

[roxana_nesfintu]

Hi everyone, it's the second time recently I'm being contacted by 2 different clients with very similar requests. "If I can check the files and if I can do that design" 

When I open the files there is a text with a link (where client says I can check the requirements) it is redirecting me to google drive, or looks like. I only tried the first time, maybe I was a bit naive, and could't open the file and asked client to send the requirements in the chat. He didn't, and the second day I saw the profile was cancelled. 

Today happened the same thing but with a different client from another country, similar message, similar request...I didn't open anymore.  

Is it possible they are trying to steal some data or something? Is this legit and I'm just being paranoid? It seems a bit strange honestly 2 different clients to send almost identical messages 🤔 

Did someone had these experience before? 

[anniejenkinson]

That is clearly the same client on two different accounts. Respond to this client that you cannot work on this project and block both accounts immediately. It is also worth flagging this issue to the Customer Support team as this is the same person, I believe. The pattern of word usage, sentence structure and content, even capitalisation is the same.

Definitely do not click links from that person.

[customerin]

Very complex situation! Inform to Fiverr's Support and block them immediately.

[smashradio]

Seems like a scam. If it wasn't, they could just send the link in chat. This is a typical method used to cover up harmful links. 

I have a virtual PC (basically a PC inside my PC) that I use to open any files I deem not 100% trustworthy. That computer contains no important or personal information and is not logged in to any services. That way, I can check the links without running the risk of them stealing my info or harming my device. 

Never open a link or file from a source you don't trust.

Red flags of scammer accounts are:

• Brand new accounts
• Accounts with names that doesn't match the country
• Lack of reviews as a buyer
• Bad grammar
• Requests too good to be true
• Urgent or threatening language
• Links directing you to login pages or forms
• Anyone who want to pay you outside of Fiverr
• Uncommon attachments, filetypes, filenames

To mention a few you should look out for. 

 

[roxana_nesfintu]

1 hour ago, smashradio said:

Seems like a scam. If it wasn't, they could just send the link in chat. This is a typical method used to cover up harmful links. 

 

Yes this is what I thought indeed, why sending the text file with very basic info again like "I would like the design to be similar to this one you see at this link can you do it" and attached the google drive link when they could just link the google link in the chat or the file in google drive directly in the chat. 🤔

 

1 hour ago, smashradio said:

I have a virtual PC (basically a PC inside my PC) that I use to open any files I deem not 100% trustworthy. That computer contains no important or personal information and is not logged in to any services. That way, I can check the links without running the risk of them stealing my info or harming my device. 

 

I'm usually pretty aware of scammers and fishy clients but I've had many experiences before with legit clients, even new once, sending me requirements on google drive, or pinterest albums ecc, so wasn't something new...that's why I opened the drive the first time I received this message. 

Since you seem experienced, may I ask if I run into troubles by clicking on the file in google drive the first time. The file wasn't opening and yes was a strange format of file indeed. Nothing was happening by clicking on it, a friend told me that probably was a windows file and that's the reason my Mac would't open it, but I'm not sure. What could I have compromised eventually and how could I check that if you have any suggestions? 

Thank you

[smashradio]

4 hours ago, roxana_nesfintu said:

Since you seem experienced, may I ask if I run into troubles by clicking on the file in google drive the first time. The file wasn't opening and yes was a strange format of file indeed. Nothing was happening by clicking on it, a friend told me that probably was a windows file and that's the reason my Mac would't open it, but I'm not sure. What could I have compromised eventually and how could I check that if you have any suggestions? 

It depends. If you didn't download it or gave away any information (like your login information to your Google account), you're most likely safe. Modern devices will also have a built-in antivirus, and protections against automatic downloads. 

If you downloaded the file, your computer could potentially be infected. I recommend running additional antivirus scans, using a good antivirus software. Bitdefender is consistently one of the best in reviews, but it is a "noisy" software, and by that I mean that it will bother you with notifications and popups from time to time. For that reason, I only install it if I suspect I'm infected. I uninstall it when I'm done scanning. You could run Malwarebytes in addition to Bitdefender, just to be sure. 

If you're on Mac you're a bit safer, since most malware is designed for Windows, but you're not 100% secure. It could have been a file running in the background without you noticing it. 

In regards to what could have been compromised, I'd say the biggest risk is ransomware. It encrypts your files and demand a payment in Bitcoin to release them again. But it could just as easily be malware that turns your computer into part of a botnet (a network of computers that hackers can control and use for illegal activity) or a simple keylogger, logging every keystroke you make, including your passwords. 

This is if your computer was infected in the first place. But I prefer to be better be safe than sorry about my cybersecurity. 

Edited July 26, 2022 by smashradio