Beware of phising / hacking requests!


#1

There is a user by the name of ********** . He will send a general request about a project and let you know that the details of project are in a secure dropbox account. He will link you to a website which mimics dropbox and then asks you to sign in with oAuth through google, aol, yahoo etc.

This directs you not to google or the destination service that will properly log you in, it will instead steal your password your phone number by presenting a form that mimics that of the authenticating site. It then directs you to a random PDF about wealth management.

This is a very serious issue that can compromise your e-mail and any other information regarding other accounts you have that could possibly use that password you have. Please be careful out there.

This is the link I was provided. [DO NOT ENTER ANYTHING ON THIS LINK!]
********************.

MOD NOTE: Username & Link Removed


#3

Here a picture of the phising request !
Mod Note: Screenshot removed. Please remove the username before reposting.


#4

:roll_eyes::roll_eyes::roll_eyes::roll_eyes:


#5

Why remove the username?? The username is important factor in protecting other vulnerable users!


#6

You could report that user to customer support so they can suspend that and hopefully all following accounts he might try to create, there’s “Report terms of service violation” in the drop-down for such things.

https://www.fiverr.com/support_tickets/new?source=help_center

On another note, though, since the ToS also forbid to share email or other contact info unless approved for a gig because of the gig’s nature, you might actually violate the ToS yourself if you log into a (prospective) customer’s dropbox account through Google, etc. The reason that sharing dropbox links is allowed in cases where files are too big to upload them on-site here, etc., is that it can be done anonymously, after all.

So, yeah, people, beware and if you get a message that seems fishy like that, better immediately report it to support instead of clicking on it or even logging into any site with your precious credentials.

Edit: the username thing is a forum rule which makes perfect sense if you think about it, because there are people who’d post unproven things about others, slander others on purpose, etc. -> Forum Rules + Do’s and Dont’s