Fiverr Community Forum

[BEWARE!] Latest News on Fiverr Scammers – Story

Today I was hacked.

Through Fiverr.

It was both a terrifying and hilarious experience.

However, this is not a joke. My life depends on what I make through Fiverr, and my career is growing strongly because of Fiverr’s system. Let me share this story with you and buckle up because it’s been one hell of a ride. Take this as a warning but also as a lighthearted story, it ends well.

All of this happened in two hours, and I’m just now taking the time to make sure that it doesn’t happen to those who read the forums. I’ve been a seller on Fiverr for 9 months, and I’ve been growing steadily ever since I started. I thoroughly enjoy the platform and have nothing bad to say about it.

However, here’s a message I received three days ago.


If you work on Fiverr on a regular basis, you know how busy it can get. It’s rewarding but also exhausting and very fast-paced. You barely have any time to think during the day and once you are done, you’re still thinking about work, which is something that I am currently working on to eliminate.

However, I’m a Translator/Copywriter. I work with word counts on a constant basis and here’s the thing; I KNOW that Excel files do not show the word count, and that’s why I understand if clients say they do not know how long the file is.

But I was called “miss”.
I mean… I should have known better there.

Me being stupid aside, the grammar was less than ideal, but I never even pay attention to that, I thought it was some Chinese buyer that couldn’t speak or write English very well. I get genuine buyers looking for translations for knockoff products, which is fine by me, as long as they are not scammers.

But something… something was fishy about this doc.

Please note that I’m not programming-savvy. I know how tech works, but I don’t know how Microsoft Office VBA does (environment for macros on Office products, Excel in particular). That’s what got me because I am VERY aware of scammers and I always ask questions in advance before downloading random docs.

This time, I wasn’t as cautious.

However, even when I was prompted to “include contents”, nothing happened, and I simply ignored the message going forward with my life on Fiverr. A happy working life, a productive one. Until I got this message today asking me to do a similar thing… in a different way.


And again, I was in the midst of working.

Knowing how fast you can lose on an offer through Fiverr, I replied very fast. I have a method for this now, and it’s been working fine for the most part. However, I immediately noticed the resemblance with the previous message, and I was a lot angrier at the sender for showing yet another blank file.

Here’s the deal though.

See that little checkmark that Fiverr shows under each document that’s being sent to you? Yeah, DO NOT TRUST IT. I don’t know what it means, but it definitely has ways to go before becoming actually beneficial to sellers. This file… oh my, this file f*cked me up.

I want you to focus on the “include contents” part. This scam technique is smart. They know you’re busy because Fiverr shows a lot of data around how much you work. So they send the file first in a general, nonchalant way. You notice there not being anything, BUT YOU ALREADY HAVE THE FILE ON THE PC.

This is most likely bot behaviour, so I’m not expecting there to be a person on the other side. However, as soon as you reply saying

There’s nothing!

you get a

Include contents, sir!

I mean, they asked nicely, right? So you do it.
That’s when you shouldn’t have done it.

The file itself has no problem, but somehow scammers are able to bypass antiviruses with this technique. I do not know how, but it’s real. After just five minutes of doing that, my browsers stopped working. I wasn’t allowed to go on the internet with perfectly functional providers, even my phone.

At first I thought it was the usual Wi-Fi hiccup, but oh no. I knew what was going on. I noticed the tangy smell of fish coming through the screen so much that I even texted my girlfriend acknowledging how annoying these people were BEFORE I would realise I was getting hacked.

Long story short – someone calls.
I glance at the screen of my personal cellphone.

+**** ********, ******, ****

But I live in Italy…

And I haven’t had contacts with people from London for months.

I have to be honest – I s*at my pants at that point.

Everything was going through my mind so fast that I couldn’t fathom it being real. Turn off the computer, change password, withdraw money on Fiverr, check on crucial data from my Mac (I have a personal and a work computer). This had never happened to me before, and it was scary.

However, I know how important privacy is. I know how damaging things like gossip, easy-to-spot passwords, and generally giving up a lot of data are. I’ve always been very cautious, using password managers, automatically erasing history data, clearing cache, clipboard, and so on.

But even then,

What did they know about me?

Were they able to see my financial statements?
Could they access my bank account?

Most importantly though,

Could they hack my Fiverr account?

You see, Fiverr is, by all means, amazing.

Not only did it give me the opportunity to work hard on things that I love, but it made them my career.

This is unprecedented in the tech world for people who aren’t as lucky as those living in large metropolitan areas, and Fiverr literally allowed me to move from a small city to a fantastic metropolitan area in Italy, Florence (I have no problem stating the city that I live in).

It’s where I met my girlfriend, and it’s where I feel at home.

So, there’s a lot that I have to thank Fiverr for, but there’s also a lot that they should improve on. This is not the only time that people try to scam me. I never thought they would succeed honestly, but they did, and it truly felt like a movie. I was helpless, going through menus to secure my data.

However exhilarating that might be, I don’t want this to happen to you.

I backup ALL my data through extremely secure cloud services. I also make physical copies every month. There is no space for data hiccups in my work environment, and it should be the same for you. However, you can’t help but wonder if these services really are all that secure when this happens?

For example, I know that I will have to change my phone number.
But when you think about it, there are so many things that are compromised now.

I am already working on installing a clean version of Windows through the BIOS on my laptop without even turning on the computer, but even then, did they block my BIOS? This is not a big issue to me because the laptop I was using for work was a lesser version of my personal one… on purpose.

However, I was thinking about upgrading.

What if this had happened with a 1000$+ machine containing my work life’s worth of data? That wouldn’t have been pretty. And even if my machine is worth around 250$, I still care about it; it’s worked for me and I still want to use it. It’s not just the price, it’s what you go through with these devices.

So, here’s what I have learned from this experience:

  1. Never underestimate privacy. I never did, but I now know how much more important it is.
  2. Never trust anybody. I’m not saying on Fiverr, I’m saying in general. Take one, two, twenty days before accepting seemingly incredible offers. Do your research.
  3. Always backup your data. You have any idea how bad this would have been if I didn’t meticulously update and backup all my data every single day of my life? Yuck.
  4. Understand your value. You’re on the marketplace, and you are valued in dollars. You, your name. People will want to take that away from you, so be wary of anyone and anything.
  5. Reinvest in your business. Never take a chance. On Fiverr, you are your own business. Don’t let anybody take that away from you. Constantly upgrade your security measures with newer, better implementations. Highlight milestones of your career. Keep pushing!

Why do I say that it ended well?
Because I’ve already beaten them preemptively.

In two hours, all of what I’ve done for the past 9 months has worked in my favour.

There’s not a single password on my Google Chrome cache, not a single Word file with my passwords in it (surprisingly, I know a lot of people who do that), not a single way to get into my cloud services if they truly deliver what they promise in terms of security, and most importantly, not a way to access my most valued, most precious data.

I know this because I’ve been constantly cutting on the amount of info that people can see about me both on the internet and on my personal devices, and I’ll keep doing that on a constant basis.

You should do that too if you want to achieve success in a world where someone can send you a file and leave you a data-collecting voicemail/call just five minutes after getting into your computer. Of course, I didn’t pick up, and I blocked the number immediately.

This was my PERSONAL cellphone.
Nobody knows about it except people I care about.

With that said, I will go through all my passwords and change them this evening.
I will also do a whole bunch of security upgrades, which, by the way, are totally worth it.
Never ever skimp on security if you’ve got something to lose. Always keep an eye out for this stuff.

I hope my laptop will be recovered.
Otherwise, RIP second-hand Surface Pro 3.

I loved you, dearly.

In any case, I hope this was an interesting read. I’m actually happy this happened to me because it made me realise how far I have come and how much more there still is to do. Today, I can say that I was hacked, which is a freaking cool thing to say.

I might write abut it one day.

Peace,
Arrigo

Mod Note: Telephone number removed.

50 Likes

The first thing I do when someone sends a file is to click on their username and check when the account was created. If it is created within the past 1-2 months, then I do not open the file directly. I use VirusTotal, to check if the file is safe. If the VirusTotal says it has some virus(s) in it, then I immediately delete that file and just chat with the so-called potential buyer.

I have a MacBook Pro, so it had an option to press the spacebar and preview the file without actually opening it, so it also helps me to check if that is a real file or someone is trying to hack and overall Apple does have far better security than a Windows OS.

That is a good thing, that you upload your data on the servers. It is always safe there and no one can access it without your password. I even added 2-factor authentications for the more securities.

When someone is trying to hack your account, they will mostly say the same thing again and again: “Open the file. It has all the details”. That is another sign for a potential hacker.

That is very bad that the file was saying “No Viruses Found”. I don’t know what calculations they are using to confirm if the file has a virus in it or not.

I think it is better to use better hardware and software than the cheaper one. Security is important. Safety is important.

12 Likes

Can anybody summarize this story, please? It’s really loooooooong story. :slight_smile:

5 Likes

I can see that the OP has put in great effort in writing such a detailed post about their unfortunate experience (which probably wasn’t an easy thing for the OP to do considering everything they’re having to deal with right now) so that other sellers don’t fall into the same trap. @ryukyra Thanks for that! :slight_smile:

@muhammadfaheem0 Trust me… it’s worth reading the entire thing. You won’t be disappointed.

But, if you want a TL;DR, it is this:

  • Don’t trust Fiverr’s “No viruses found” notification that’s shown at the top of attached documents. In the OP’s case, Fiverr didn’t detect any issues with the files that the scammer used to hack the OP’s account/computer (possibly via macros/vba scripts).
11 Likes

Ok. Trusting you and gathering courage to read it all :wink:

4 Likes

:flushed:

:thinking:

:stuck_out_tongue_winking_eye:

13 Likes

They asked never trust anybody (any buyer) :stuck_out_tongue:

2 Likes

Sellers can also be buyers :wink:

3 Likes

How can I trust you that you are saying the truth?:rofl:

3 Likes

Thank you! I will check it out in the future.
Glad you read the post.

5 Likes

Lol, they left your sense of humor intact.

4 Likes

Just to confirm the entire story.
It happened with me for the first time since 2014.
This Holly also contacted me in the morning with the same intention:
2019-04-26_16-41-11

However, Kaspersky Antivirus simply not allowed me to do anything with the file:
2019-04-26_11-45-14

According to the information on their website, the file is infected with “Trojan-Downloader.MSOffice.SLoad”

This .doc/.docx document contains a script written in VBA (Visual Basic for Applications), which can be run in Microsoft Word. The script contains procedures for establishing a connection as well as downloading, saving, and running a file. The downloaded malware is most often ransomware that encrypts user data.

8 Likes

@vovkaslovesnyy @ryukyra have you reported this user? If not, you should.

4 Likes

Yes, sure!
When I saw “encrypt” word, I became a bit nervous :scream:
I still remember how our office was totally paralyzed after a secretary opened a similar file on her computer and went to the shared folder. All our work was simply encrypted, and our admin didn’t have a fresh backup.

4 Likes

I did, obviously.
Also wrote to customer service.

2 Likes

hope you are ok . Be alert for future

2 Likes

Wow, your comment is very helpful. Thanks iamsachmusic

2 Likes

Thank you for the confirmation. I’m glad to know I am not the only one that has to go through this kind of fishy behaviour from people on Fiverr. I am getting better at figuring out how to spot this kind of stuff.

5 Likes

:rofl: :rofl: Haha… You cracked me up… That was funny. :slight_smile:

But, in my defense, please allow me to quote something the OP said out of context so that it works to my advantage :stuck_out_tongue_winking_eye: :arrow_down:

So, Fiverr is okay. :stuck_out_tongue_winking_eye:

just kidding.

5 Likes

Hahaha :rofl::rofl::rofl:

3 Likes