Fiverr Forum

Stop getting your accounts compromised


#1

Stop taking risks with your email account, your fiverr account and your ID. follow some simple steps if you are not sure who you are dealing with.

#1 IF someone asks you to use a gmail account or other specific email account that’s a flag. If you are not sure who you are dealing with OUTSIDE fiverr use a disposable email address like this http://www.fragglesrock.com



#2 If someone contacts you on fiverr asking you for your e-mail address tell them NO. Not only does it breach the fiverr TOS but the person now has a shortcut to your account if they are trying to gain access.

#3 People play on greed to gain access to your fiverr account or any type of account. This is the #1 method used in social engineering. Most of these low level attempts to gain access to fiverr accounts use the same method. I can promise you blah blah amount of orders or xxx amount of money if you work with me… Just verify your ID.



STOP. Right.There.

why are you verifying your ID? you don’t know who they are. Ask them to verify theirs.In fact do not bother. Tell them to get lost.

#5 DO NOT SEND ANYONE ANY CODES. Repeat. DO NOT. Use your head. Why would someone go to the length of creating a code for? This is not mission Impossible. Ignore them. Do not reply and do NOT converse with them any further as they may try other ways to gain access and gain your trust.

#4 Consider using a locked down email account attached to your fiverr account. Do not use it for anything else except payment and do not communicate with anyone with it.

#5 If someone sends you a link. Regardless of if its inside fiverr, to your email or in a chat window and you are not sure of the ID of the person sending it. DO NOT click it. If you are not sure about a URL put it in here. http://www.fragglesrock.com/ Its very easy to spoof an address and it may not be what it appears to be.

#6 Most people use the same e-mail, same password and same ID everywhere online, for everything. Do not be most people. Use secure passwords and different passwords for every account with a secure password generator, just google it and then store your accounts in lastpass or similar . You can login to lastpass from any computer you have access to.

Lastly. Greed is not good. It kills common sense and IQ’s drop below room temperature when people float money in front of your eyes. Use your common sense and stop and think before responding to anyone, regardless of what they are telling you… It is the internet and sharks are waiting to bite off your wobbly bits.


#2

Very very good points stated. :slight_smile:


#3

Good points!



Plus don’t really trust in your anti-virus - this technology is not really effective. Get yourself some firewall, and find some time to learn how to use it. Anti-virus may not know some of the latest (0day) malware and will let it do what it wants. Firewall does some behavior analysis which is a lot more accurate.

Think of it as of the Guard at the entrance door. Antivirus-guard will only check whenever the visitor face is in the blacklist. It is enough to put the mask on or put some cosmetics and the guy will be tricked. While Firewall-guard will follow the stranger, will check where he goes, what orders, how behaves and if he detects some unwanted activities he will immediately block and report it!

And yes, use licensed software and don’t forget to update it.


#4

Hey but what if you need the email address to assist with an order, genuinely for no other reason that to complete a job?


#5

e.g. setting up a twitter account and you need to make the buyer an admin.


#6

Reply to @ehelper888: This is not about that. This is specifically where people are trying to gain access to your account and your email and is not related.


#7

Reply to @ehelper888: In this situation I hope the e-mail is not the same with the one used for PayPal or fiverr. It should be absolutely separate, virgin mailbox.


#8

Great tips, thank you


#9

Reply to @markp: i see, apologies! :slight_smile:


#10

Reply to @kornilov: correct!


#11

Great post :slight_smile: Well organized


#12

Reply to @ehelper888: Also. You do not need to make someone an admin to get Twitter followers… or any other kind. The only reason people need to be an admin is if they are using Bots anyhow. I have thousands of followers and not one of them have asked me to become admin. Being an admin just makes it easier to add fake followers, which you don’t want anyway.


#13

nice tip you give thank you


#14

Great post! Common sense is a necessity.


#15

I’m just cut down that kind of conversation, around 15 minutes ago, someone send me a message that she will order my gig for 20, and she ask my email account with the reason that the file which should she send is to big to be send via fiverr. I’m already suspicious at the first time, the order fell high-sounding to me, then when she told me that the file is so big which over the attachment limit (50MB), I made her a joke that her file cannot be the .mkv file which could be over 50MB or even bigger until reach 6,2GB per file (which I meant the blue ray file :slight_smile:

At last she said sorry to interrupt me.

My point is how should we do to somebody like that? should we report them or just ignore them which might looking for another prey?


#16

@hidethejackal and anyone else. If anyone contacts you with a request like this give them support@fiverr.com as your email address, some of them will be stupid enough to use it, also use two step authentication on your Gmail account if you are using one. This will secure your account.


#17

Reply to @markp: ok, cool. nice advice!


#18

Common sense people, common sense!


#19

good tips and helpful insight. now it’s up to the legit community members to make use of the pointers stated here.


#20

Great advice, most often than not overlooked. Thanks for sharing =D>


markp said: It is the internet and sharks are waiting to bite off your wobbly bits.
Yeah, there are far more sharks on the Internet than in all the oceans and seas put together L-)