08/06/2017 - Phishing Attack Alert!


#1

Buyer: “hi there … can you assist me for a moment before I order?”

Me: “Sure. How can I help you?”

Buyer: “I have made a list of requirements for you to have a look. Please shed some light over budget and time required to do this.” Such a generic message that can fit any kind of service a seller offers. In the attachment, of course, is a doc file with a random name that consists of a script that changes your password immediately when you open it. DO NOT OPEN IT.

Me: “Can you please send your instructions through here as plain text? There is a lot of phishing activity on Fiverr via doc files and we need to be cautious, especially considering the fact that you signed up on Fiverr only this month and are not an old buyer. Otherwise we will not be able to help you.”

Buyer: Silence…

This happened a few minutes ago. Buyer is from India and signed up on Fiverr only this month and probably sent the same message to dozens of other sellers.

When you receive a suspicious message like this do NOT open the doc file, and check the buyer’s profile. If they signed up on Fiverr recently it is 90% a phisher. Report immediately.


#2

I will never open a document of any sort without further information and a legitimate project proposal.

I also always ask for dropbox/Google doc files so that I can review the content within before downloading.

Hope this helps!


#3

same message here “hey there … I have a small concern before placing an order. Can you help me?” and doc file attached.


#4

In the attachment, of course, is a doc file with a random name that consists of a script that changes your password immediately when you open it.

What password does it change? The Fiverr password? Did it change your password? What type of script is it? An MS word script? Something else? Also, one thing which can be done if people need to open sent files in MS Word is to set Word up so that scripts are disabled for downloaded files. Another thing which could be done is to open the document in Open Office Writer instead (which, I believe, should also prevent scripts from running). Also, set Windows up so that extensions for files are displayed.


#5

In the past I did the mistake of opening one of those doc files and my Fiverr password was changed. I noticed my mistake and changed my Fiverr email & password immediately. I have been staying away from doc attachments ever since.


#6

Oh my, that must’ve been a scary moment. How did they access your account via a document though. Do you know what it contained?


#7

@flatio thank you for letting us know about the virus and saving us from stupid hacks. Now I will avoid and report such kind of buyers.


#8

Trojan with doc extension -keylogger -easy to have full control after .I received the same message as @flatio


#9

Thanks! I wanted to know what they are using.


#10

I always open any kind file on attahcment that look suspicious, through Fiverr android app first, even its just some image (especially when the size too small) after sure its save, then followed to open in my Computer

or worst, this “Buyer” could put link that look like you just been log out fiverr, to make you login again on fake page

that kind of thing need to be careful this day, make sure you put good antivirus/firewall thing


#11

Exactly!

I don’t recommend using your phone as a launch pad. If the file is suspicious or deemed unsafe don’t open it regardless.


#12

Hello friends,

If any one who send same message to lot’s of member it will automatically terminated withing some couple of minutes.
so that reason you will see under message like"This person may not be contacted at this time "
or if you try to see that person profile it will looks like "This page is no longer available "

I have more then 2 experience like that

I hope it will help.

best of lock for all

Best Regards,
Jaydeepsinh :innocent:


#13

The good thing is that antivirus program like A**st scans the file before you download it .


#14

try using online convert from doc to image pdf


#15

This is a common pattern for Phishing but do you not have a decent firewall


#17

Call me naive but I didnt know you could get scamed by opening a doc file :scream: Thanks for the heads up.


#18

oh my god!!! me too!!! :eyes::scream::scream:
Mod Note: image removed as it shows another user’s name.

I opened that file from my cell phone… . . . :fearful:


#19

Never open attachments. If it’s text content, ask them to copypaste it to the message itself. If it’s an image they’d like you to see, ask them to upload it somewhere, like imgur.

I don’t understand why it’s even possible for one to send attachments to random people, especially if there’s no file scanning features to prevent malicious file transfers.