Jump to content

I think I was hacked by a buyer


adityasharma3d

Recommended Posts

I just got a message from a buyer, I really want to give his name here so others won’t fall for it. The message wasn’t a template but a custom one and thus seemed genuine. He wanted me to transcribe a video and he was unable to download the video himself so wanted me to visit the link and check out the video myself. When I clicked the link, it went to a page that probably triggered a script that jumped through various sites and finally reached my facebook profile. I have changed my passwords on most of my crucial sites an use mobile verification or 2 step authentication on them. I thought I will just share this and also share how happy I am that fiverr implemented the mobile verification feature, as I am getting verification codes on my mobile and I am assuming it’s the hacker trying to change my password or withdraw cash.
Anyone else had this issue and if yes, what did you do?

Link to comment
Share on other sites

I just got a message from a buyer, I really want to give his name here so others won’t fall for it. The message wasn’t a template but a custom one and thus seemed genuine. He wanted me to transcribe a video and he was unable to download the video himself so wanted me to visit the link and check out the video myself. When I clicked the link, it went to a page that probably triggered a script that jumped through various sites and finally reached my facebook profile. I have changed my passwords on most of my crucial sites an use mobile verification or 2 step authentication on them. I thought I will just share this and also share how happy I am that fiverr implemented the mobile verification feature, as I am getting verification codes on my mobile and I am assuming it’s the hacker trying to change my password or withdraw cash.

Anyone else had this issue and if yes, what did you do?

I am getting verification codes on my mobile and I am assuming it’s the hacker trying to change my password or withdraw cash.

So if you do not enter the codes you are getting to verify your account, how will you ever be able to withdraw money?

Why would the hacker not change the phone number?

Link to comment
Share on other sites

I am getting verification codes on my mobile and I am assuming it’s the hacker trying to change my password or withdraw cash.

So if you do not enter the codes you are getting to verify your account, how will you ever be able to withdraw money?

Why would the hacker not change the phone number?

The hacker will have to have my username, password (Which he might have gotten from the hack) but he would also need my secret answer. Also, the first thing I did was to initiate withdrawal then changed password.

But yeah fiverr should make code mandatory if you try to change phone number, I was able to do it without entering the verification codes and just using secret answer.

Link to comment
Share on other sites

The hacker will have to have my username, password (Which he might have gotten from the hack) but he would also need my secret answer. Also, the first thing I did was to initiate withdrawal then changed password.

But yeah fiverr should make code mandatory if you try to change phone number, I was able to do it without entering the verification codes and just using secret answer.

the first thing I did was to initiate withdrawal

Did you get a code to use to initiate the withdrawal?

Link to comment
Share on other sites

The hacker will have to have my username, password (Which he might have gotten from the hack) but he would also need my secret answer. Also, the first thing I did was to initiate withdrawal then changed password.

But yeah fiverr should make code mandatory if you try to change phone number, I was able to do it without entering the verification codes and just using secret answer.

I don’t see how he would have got your password, unless you clicked on and ran an executable (.exe) file or something (eg. you unknowingly installed a keylogger or something), or unless you typed your password into a fake site (eg. one made to look like a site you normally use).

  • I don’t see how he could have got your password from you just clicking on a link and it running scripts (javascript) * (maybe I’m wrong but I don’t really see it). Unless it could install some keylogger or you typed it into a fake site, it just shouldn’t be possible I think (JavaScript just shouldn’t have access to your password - there just shouldn’t be a way for it to.).

I’d also ensure you have anti virus set up on the machine, and if possible anti-spyware/anti-malware - and run them to ensure you have no viruses/spyware/malware. You could also have something like NoScript running (a Firefox plugin/extension) that would stop it from automatically running scripts (if also set that way in the browser) unless you told it to do so.

Link to comment
Share on other sites

I haven’t had any issues like that, let alone any buyers for that matter 😆 but thanks for warning the community and I’m glad nothing extreme happened to your personal accounts!

Hi, I just had a look at your profile, where are your gigs?

Link to comment
Share on other sites

I just got a message from a buyer, I really want to give his name here so others won’t fall for it. The message wasn’t a template but a custom one and thus seemed genuine. He wanted me to transcribe a video and he was unable to download the video himself so wanted me to visit the link and check out the video myself. When I clicked the link, it went to a page that probably triggered a script that jumped through various sites and finally reached my facebook profile. I have changed my passwords on most of my crucial sites an use mobile verification or 2 step authentication on them. I thought I will just share this and also share how happy I am that fiverr implemented the mobile verification feature, as I am getting verification codes on my mobile and I am assuming it’s the hacker trying to change my password or withdraw cash.

Anyone else had this issue and if yes, what did you do?

I received a similar message about wanting me to transcribe a video and that he was unable to download, however I have since forwarded the message to Fiverr Customer Support

Link to comment
Share on other sites

Hi, I just had a look at your profile, where are your gigs?

[details=OT @bernieeata ]I saw lastay’s post and looked at your profile too, Bernie, I can´t see any gig either, better check to make sure you activated your gig/s if you have any, and if you didn´t set any up yet, you´ll have to do that to get buyers 🙂 instructions here:

https://support.fiverr.com/hc/en-us/articles/201500856-Creating-a-Gig[/details]

Link to comment
Share on other sites

I don’t see how he would have got your password, unless you clicked on and ran an executable (.exe) file or something (eg. you unknowingly installed a keylogger or something), or unless you typed your password into a fake site (eg. one made to look like a site you normally use).

  • I don’t see how he could have got your password from you just clicking on a link and it running scripts (javascript) * (maybe I’m wrong but I don’t really see it). Unless it could install some keylogger or you typed it into a fake site, it just shouldn’t be possible I think (JavaScript just shouldn’t have access to your password - there just shouldn’t be a way for it to.).

I’d also ensure you have anti virus set up on the machine, and if possible anti-spyware/anti-malware - and run them to ensure you have no viruses/spyware/malware. You could also have something like NoScript running (a Firefox plugin/extension) that would stop it from automatically running scripts (if also set that way in the browser) unless you told it to do so.

I do have softwares installed but I never take chance on my main machine, did a thorough format and reinstalled windows.

I am sure the script that ran took advantage of Chrome’s auto sign-in feature. If you use chrome and have saved your password in it, then when you visit the site it automatically signs in.

I am no expert but I don’t see what else the link could have done, as it made it impossible to close the tab, stop the loading of the pages. I did see the script jump through around 15 to 20 sites super quickly and then land on facebook. I was already signed in on fb so it just took me to my feeds.

Link to comment
Share on other sites

Yikes! You’ve already notified Customer Support, right?

T&S will get it sorted. Did the supposed hacker, spring cleaned your account? (take your 💰)

If not, that’s the first thing their hacking fingers take.

I initiated the withdrawal myself right after I realized what had happened. But he seems to be trying to reset my password or something because I got verification codes on my mobile number like 20 times.

Yes, I did report it to the fiver, but his account still seems up.

Link to comment
Share on other sites

I don’t see how he would have got your password, unless you clicked on and ran an executable (.exe) file or something (eg. you unknowingly installed a keylogger or something), or unless you typed your password into a fake site (eg. one made to look like a site you normally use).

  • I don’t see how he could have got your password from you just clicking on a link and it running scripts (javascript) * (maybe I’m wrong but I don’t really see it). Unless it could install some keylogger or you typed it into a fake site, it just shouldn’t be possible I think (JavaScript just shouldn’t have access to your password - there just shouldn’t be a way for it to.).

I’d also ensure you have anti virus set up on the machine, and if possible anti-spyware/anti-malware - and run them to ensure you have no viruses/spyware/malware. You could also have something like NoScript running (a Firefox plugin/extension) that would stop it from automatically running scripts (if also set that way in the browser) unless you told it to do so.

Cross Site Scripting (XSS) attacks require no user interaction, beyond visiting the malicious page.

I have a separate, NoScript enabled Firefox profile for sensitive sites, such as Fiverr.

Also, I always make sure that I am never logged into more than one site at a time.

Cumbersome, but every little helps.

Link to comment
Share on other sites

Cross Site Scripting (XSS) attacks require no user interaction, beyond visiting the malicious page.

I have a separate, NoScript enabled Firefox profile for sensitive sites, such as Fiverr.

Also, I always make sure that I am never logged into more than one site at a time.

Cumbersome, but every little helps.

I too use FF with noscript for most of my browsing but I use Chrome for my freelancing work, maybe I will switch this to FF too. Thanks for the input tho, always good to learn something new.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...