Fiverr Forum

BEWARE of phishing attempts by potential customers!

I just got a quote request from a user thom****gh001 with a link that looks like this:

https:// philoXXXXXX.*********.com/XXXXXX /main.html

It looks like a login page for DropBox and has buttons to use your email to login and see the “attachment” related to the quote request.

This page simulates being a login page but only gathers your email and passoword.

DO NOT PROVIDE YOUR EMAIL ADDRESS AND PASSWORD

Please be careful of these phishing attempts and request attachments to be sent via Fiverr directly.

I already reported this suspicious activity but others may arise.

Take care.

Mod Note: Link edited.

19 Likes

I received one of those just today. :scream:

Their account was just set up this month. :thinking:

I told them all information had to be submitted through Fiverr and furthermore I did not have a Dropbox account. :face_with_raised_eyebrow:

Shortly after that I got a message from Fiverr that the user could no longer contact me and when I looked for them they no longer had an account. :wink:

6 Likes

Just now got one too, 10 minutes ago. Link and name as in OP, totally irrelevant general bla text. If it’s the same one you reported, Vickie, it seems the account is still active. Well, he got another report now, hope that will be enough soon…

6 Likes

Maybe they created another account? Or they could have blocked me once I let them know I was on to them. :thinking:

Mine was from a person whose location was a continent country. But his language patterns did not indicate that. :roll_eyes:

3 Likes

Thanks for the heads up. :hushed:

Yes, profile location and ‘kind of English’ didn’t match.

Never click on the link that you aren’t sure about it.

Second, dropbox has downloadable links where you don’t need to add any info. And you can clearly see that links are from dropbox and not from some fake website

2 Likes

some days I’m getting several of these a day with different variations but the aim is the same; I don’t even open the links because its obvious what they are are and I just report them right away.

Most of the text is very generic and can apply to any gig. I got one from the same account mentioned above and if you look at the text its obviously not gig or user specific and is full of nonsense. Some of these people though are getting smart & If anyone sends you a link and you are not sure what it is just tell them to send you the request as text. Tell them the inbox is for discussing order requirements. If they are up to no good you will not hear from them again.

2 Likes

I got one the other day with some generic message like
hello I am very interesting in hiring you. Look at my message and we can place an order for your service.

1 Like

I got this Link. I reported this to Fiverr.

1 Like

Thanks for the info. Steve

There is another way I experienced.Some guy(Obviously he was not a buyer) send me a RAR file and a password to open it,Immediately I have informed to fiverr customer service then

1 Like

Thanks, good advice to be aware of what may happen.

I wonder if people on the forum get these more than other sellers. I have a feeling I get more curiosity seekers contacting me due to posting on the forum. We are more visible to a certain type of person by posting here.

Well, that is kind of true but I think the benefits from the forum is much more than one or two bad experiences

Thank you. It will really Help us.

Getting dropbox business phishing urls few times a month, blocking and reporting the users. Be careful.

1 Like

Has anyone noticed that fiverr now sends this message with attachments?

Please note: This message contains attachments that cannot be scanned. If the files seems suspicious or you weren’t expecting to receive anything, we suggest you don’t open or download them

I get this quite a bit too. The best thing is to always be wary of attachment files (especially if it’s only one attachment).

Don’t open external links that have something to do with Dropbox, PayPal, or anything that requires a username or password.

Tip: if the suspicious profile has a profile picture, reverse image search the profile picture. Most of the time it’ll be a fake profile picture.