dmz_consulting

As a strong rule to follow, "Yes" all links and downloads should be considered suspicious. With that, you are using caution on every action you take online. Now, using the understanding of secure communications within a web application, ask yourself the following: Is your PC/ device up to date? Does your PC/device has antivirus and antimalware software? Is your browser up to date? Does your browser URL bar show the "lock" mechanism indicating secure connection? Now, within the web application (Fiverr.com) you receive a private message from another user. I do not find these messages to be screen thoroughly. I have received several external URL's to google documents, held on the outside of Fiverr.com's environment. As a Security Professional, that is an immediate red flag and would be cause for concern with that user. You can use some validation techniques if you desire: try copy/ pasting the URL sent by this user and checking it at virustotal.com and urlscan.io. While these websites are 100% in investigative confirmations of nefarious actions, they will give you a good idea if the URL that was sent to you is trustworthy or not. I will also submit, that while only being on Fiverr for a short time, I have received several suspicious messages from "users", where some were listed as "business accounts", asking me to perform services not specified on my listed gigs. Such as performing a "sit-in" at a table top meeting on a web application kick off meeting (serious??) and some other random tech requests that just didn't make sense. All of those users sent me an external URL/link that they wanted me to click to see if "I was able to accept the gig". There is no lack of scammers in the world of "services" via the internet. Social media (facebook in particular) is ate up with people being scammed over the most basic failure of trust requests- its really sad. Fiverr will be no different, and until they can find a way to mitigate and scan these types of acts (which I doubt they will be able to or will dedicate the time to manage this type of issue), You just have to be cautious with everything. Fiverr is a great way to earn money and build your professional resume, but don't let emotion/ money/ or lack of activity push you into making a silly error. Bottom line- Don't accept messages or gigs that are not officially presented through fiverr.com's formal services. Report all messages that do offer services via outside discussion to fiverr and block them. If anyone on Fiverr needs advice or has questions about a private message offer that doesn't appear authentic or some sort of security concern around a "gig" you are performing, PLEASE reach out to me! - I (DMZ Consulting) will be more than happy to help! if its about an official message or security tasks concerning an official gig on Fiverr, I will answer your question for free. We all need to be safe! Good luck!