Fiverr Community Forum

How would you enteract with buyers?

Safety and awareness? Would you install a software came from buyer?

Someone contacted me and send me a zip file contain excutable.bat so i reported the person

It contain
1 a bluff brief of what they need
2. .bat
3. .Exe


When you see a file with “bat” extension, you can think “oh my, I don’t like bats, why would I want to wake up a bat?” :stuck_out_tongue:

Anyway, after being hacked 7 years ago and $200 being taken away from me, I’ve learned all my lessons! Precaution has become a hardcore skill!

P.S. lucky for me, I have a Mac, which lets me peek into a zip file without opening it :mask:


Can you share your safety tips. Those will be very very helpful for us! :deciduous_tree:


That’s awesome!! love your joke LOLLLLLLLL
yeahhhh Y would I?

Yeah just be aware Guys


Of course - here are my 9 tips on staying on the safe side (why 9? I like odd numbers!):

  1. never open executable files with the following extensions, from people you don’t know: “bat”, “exe”, “vbs”, “pif”, “msi”, “com”, “jar”, “cmd”, “reg” (note that these can also be included in zip/rar archives, which you should be wary about opening in the first place)

  2. also be wary about opening “doc”, “docm”, “docx”, “xls”, “xlsx”, “ppt”, “pptx” files from people you don’t know, as they can be carriers of malicious macro code (open them only from trusted sources)

  3. protect yourself - use an antivirus & antimalware solution in case a trusted person sends any of the above and they were infected by a virus themselves without knowing, thus preventing the spread

  4. avoid opening shortened URLs, weird looking or suspicious URLs, as they can take you to a malicious site; if you’re really-really curious about where that shortened URL will take you, use a free anonymous proxy browsing site and uncheck the “script” option to disable scripts

  5. unless you’re a Java Applet developer, disable Java in your browser, and use a plugin that blocks Flash media

  6. if you’re really scared, you can disable JavaScript in your browser and manually/selectively enable it on just the sites you know and trust (there’ve been plenty of JavaScript attacks) - this will require some getting used to since most sites will display badly at first visit due to JS being disabled by default

  7. don’t share any personal info, like ever! Not only is it against the ToS, but you can risk a lot of bad stuff happening to you by doing that

  8. use a Password manager app & browser plugin - avoid manually typing your passwords in text fields, even on Fiverr - that’s how I’ve been hacked and lost money when a keylogger captured my passwords :sob: ever since I’m using a password manager software with a browser plugin that automatically fills the corresponding text fields without me typing anything

And last but not least, if something sounds to good to be true, then it probably is.


My safety Tips?

Never install a software any software

1 Like


I’ve reported these 2 person


Nice tips! Thanks
How we can properly check zip file before opening it? And how keyloggers can come in our system? Are they also come from our browsers in Java Scripts or only in executable file?

1 Like

If you have a Mac, you can simply press “Space” and it will show the hierarchy of files in the zip archive. If you’re on Windows, then I don’t know of such a functionality, and you can only open the archive and look inside it yourself but without opening anything.

Keyloggers can come from many sources… they can come via executable files, but in my case it came via a Java applet on a site (and I don’t mean JavaScript, which is a whole different thing) - a user sent me his site via Fiverr Inbox, I opened the site to see if I can make a report for it, and the site loaded for a while then all was blank. Next day, money gone, account compromised :frowning:


Amazing so how we can make safe our self from such a website? Mean we have only a link and no clue what it contains.


That’s simple:

use a free anonymous proxy browsing site and uncheck the “script” option to disable scripts


Install a good anti-virus. Mostly anti-virus stop the network attack. ( I mean attack from a website or computer)

1 Like

Ok! Yeah sometime clients come and say they need to change something on their website and they give also link of their website. So for seeing their problem I must need to visit their website that what is going wrong.!

1 Like

Thanks for the heads up! The world needs more people like you :smile:

1 Like

Guys heres the simplies way to avoid being hack.
If someone give you a zip file dont unzip it double click it and you will see the file inside reading is the best key. Virus will not activate because it unzip but uyou already knew whats inside

Well muhammad you can view the zip file but never ever unzip first. Double click it. Virus and what ever that was will never activated because its unzip

Reading is the key


great advice. it really helps

And one tip that I want to add is “use online website checking system” like Norton Safeweb or Google Transparency Report.

Put your url there and they will give you report that your entered url is safe or not!

1 Like

This is me basically lol


If you found a .BAT file in your system be careful. there are many .BAT files are system files. Before Deleting files you must confirm first its not system file.