Receiving a virus from a seller


#1

I’ve just received a message today from a seller. It said
“hello dear i need . A Unique Facebook Timeline Cover for my company account and my company all details in this attachment please see this attachment and reply me are you agree for my work or not file password is 0000”

Capture

The moment I saw the file extension (exe) I realized that it is a virus

Capture3

The scan screenshot

Capture1

I don’t know why this seller did this , When having a good rating and reviews .

This is a message to all sellers , Please scan all received files before opening .


#2

Take all screen sort and send fiverr Support team.hope Support team will help you dear.
Some time sime buyer do this.


#3

I reported here messages In the inbox section , Should I also contact the Support ?


#4

Yes you have to contact with support team with all screen sort


#5

They will take care your issue


#6

Will do , Thank you for your help .


#7

i face same issue…


#8

yes dont open file .exe or .jar they contain virus


#9

In this case, it could be that either someone bought the account (not allowed to buy or sell Fiverr accounts, of course) or hacked it (not allowed either, obviously :wink: ). So, definitely report such things to support so they can look into it.


#10

I bet the seller computer has been hacked or infected. That’s why I use a linux distribution and virtual machines, so the documents of my customers are totally safe. I may add a tutorial on how to do it if I have enough time next week.


#11

More safety is always good, of course, but this looks as if the probable hacker had access to the seller’s Fiverr account, else they couldn’t have sent the message with the attached virus file, so they could get the customers’ documents from Fiverr anyhow if they wanted, by downloading them, no matter how well or badly secured your own computer is, or not?


#12

Maybe, but the only way to access your Fiverr user/pass is to get infected by a keylogger or trojan (or accesing from a public computer, never do that), that is, a malicious code written for Windows platforms mostly. So yes, it is heavily related to your computer security no matter the scenario (the only exception is that Fiverr itself got hacked). Using linux you are safe from those general attacks (if you are specifically targeted by a skilled hacker, you are not safe behind anything, but that’s not the case I suppose).


#13

I know what you are saying. Linux is definitively a better way to stay secure, but you still have to know how to secure your computer. And also, it’s kind of hard if you need to work with certain softwares.

I have been using windows with no antivirus for a while, for the simple fact that I know how to protect myself. Meaning, there are certain things you don’t do (like open an .exe you don’t know) and there are certain ports and protocols that need to be shut down.

But I do recommend a good updated antivirus to everyone else! :slight_smile:


#14

I doubt that’s the only way, but yes to the rest. :slight_smile:


#15

Yes definitely, Linux is not for everyone. I use isolated virtual machines for Office suite, which means a hardened setup for security against macro virus and such, and a Photoshop VM also. Both works flawlessly under Manjaro distro, which is also configured for extended security. Never had an incident, though yes, you have to know how to manage it.


#16

Well, I left out the obvious ones, like phising, social hacking, brute force (I think Fiverr is well protected against multiple account tries) and even someone looking your keyboard while you type your user/pass


#17

As a bottom line, it is recommend to ALWAYS have an antivirus program up to date. I recommend https://www.****, which is also free! No excuse to not be protected.


#18

In the windows 10 box, I use Kaspersky and GlassWire, with Winja for extra checking. But I really don’t do much on that box.


#19

Okay, now you covered most of what I was thinking of and I won’t mention the one left nor argue against one point I still am not convinced about, because of certain, if not obvious, reasons.

Making things as safe as sensibly possible, is a good thing, either way. I never had an incident either, though, and always used Windows, apart from a few months of Linux back when, which I had to give up because I had to use certain software at that time and there were no alternatives I could have used (I think for one there still isn’t) and while Linux was fun, and it felt good using it, it cost me quite a bit of time. And it’s simply not viable for many people. I doubt people who don’t know how to open a rar or even zip file, would access their accounts from public computers, open .exe files from unknown senders/sources, etc., would have much fun with Linux.
The penguin looks much more sympathetic than the Windows symbol, I admit, though. :wink: Maybe one day, under different circumstances, I’ll get back to it. For now, I’ll have to rely on Windows, common sense and pest control.


#20

Oh sure, I am not a Linux evangelist, I see Operating Systems just as tools. Windows can be as hard as a rock with the proper tools, and if Linux were used by a bigger number of people I doubt it will be as safe as it is now.

For people reading this thread, just stay safe, I think we already said the basics (good antivirus up to date, common sense, do not open executables, Windows updated, don’t visit warez/strange websites, browsers up to date always, beware phising…).

If a seller sends you an executable, never open it. Communicate with him to warn about that, and report. Same with buyers (I had some that tried to infect me with keyloggers and macro virus, was nice to see the macro doing nothing in Linux and Libreoffice). Reported them and end of history.