Jump to content

Beware of Phishing Attack


numansyed2212

Recommended Posts

Posted

I receive 2 emails from Fiverr that i have Got orders, but nothing in my Dashboard… I got emails from this email address, noreply@e.fiverr.com And the link provided in that is
http://www.five**.com.ru/linker/?order_id=FO4B836727&view=order
http://www.five
.com.ru/linker?order_id=FO4**B836727&view=order
If i open the Root domain It redirects to Payoneer Account Page. While opening above link takes me to a login page. I m attaching the screenshots for both Emails. Order numbers provided in emails are
Order #FO466B836727
Order #FO466B836727

Beware of this kind of Emails, that might be a phishing attack. Keep Your Email address Safe, and Report instantly if you found any Email related to it.

Moderator Note: The exact links have parts removed to ensure no one will go to an unsafe link.

Posted

The “.com.ru” domain extension is a dead giveaway to the spam nature of those links. This places the copy-cat domain in Russia, as “.com.ru” represents the Russian Federation. Legitimate Fiverr links will always be “fiver.com” – nothing else. Subdomain elements might exist before the name, but nothing after the .com…

Don’t fooled by pretenders. Fiverr is not a Russian company, nor does it have a Russian domain.

Posted

Thanks for sharing numansyed2212 and for the additional details jonbaas
If I may ask a question, what happens if you follow through? I clicked on the links and it just goes to my dashboard. Perhaps CS has already done something about it.

Posted

I see no way to tell the difference aside from the message: “You session has expired. Please login again.” The links I am seeing do not end in com.ru. Maybe they’ve been change recently. Thanks for the warning.

Guest frostypinkyph
Posted

Main website has SSL (Secure Socket Layer) the green lock icon besides the address… except for its subdomain.

Posted

Thank you for the heads up.
BTW, here is a piece of advice. I never ever click a link from the emails that I get from fiverr. If I receive an email saying I have a new order/inquiry, I would directly login to my account from fiverr.com and check it. Or if I’m on mobile, I will always to go the app to see what’s up.

That’s the simplest thing everyone can do to protect yourself from phishing attacks.

Hope this helps. 🙂

Guest lesmeursault
Posted

Thank you for the heads up!

Guest mudasir84
Posted

thanks for sharing '‘Beware of Phishing Attack’'
today i also receive a fake order e-mail from fiverr.com.ru

  • 3 weeks later...
Posted

I click on the link and it ask for login. To my surprise I got the email to email address which is not associated with Fiverr.

Can they steal credentials which are saved in my browser?

Posted

Update: Below are Email details which I received. Hope it will help.

========================================
Subject: Fiverr: Congrats! You have a new order from ashley19s.
X-PHP-Script: www.djamaa-el-djazair.com/site/rsp.php for 41.142.167.86
From: Fiverr <noreply@e.fiverr.com>
Received: from suzuki.websitewelcome.com ([192.185.2.175])
by cm4.websitewelcome.com with
id aBql1s00J3mZUjk01Bqmwy; Fri, 25 Mar 2016 06:50:46 -0500
Received: from djamaa by suzuki.websitewelcome.com with local (Exim 4.86_1)
X-AntiAbuse: Primary Hostname - suzuki.websitewelcome.com
X-AntiAbuse: Original Domain - gmail.com

X-AntiAbuse: Sender Address Domain - suzuki.websitewelcome.com
X-Source-Dir: djamaa-el-djazair.com:/public_html/site
X-Source-Sender:
X-Source-Auth: djamaa

Guest heatherwrites
Posted

This is Serious!

  • 5 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...