Just wanted to share my experience and warn the others. I’ve been working on Fiverr for 2 years now and I didn’t have this problem in the past. However, in the last 2 weeks, I received 3 messages from someone who clearly wanted to hack my PC/Account.
They used 2 different methods, let me explain:
- He sent me a message in our inbox, trying to explain his needs and attach the file - pretty standard. What was suspicious?
- Really bad English. I’m not talking about someone who doesn’t know the language and is trying his best or uses a Google translator - it was looking like a ‘fake bad English’.
- New account, created this month, a few days ago.
- Size of the file. Considering his needs and the size of the typical.mp4, few KB were just a no.
I’ve downloaded a file (.zip) and scan it with anti-virus. NO VIRUS WAS FOUND. However, it was a .exe file which is something that you definitely don’t need as a video editor. Of course, I didn’t even click on it or unzip the folder. Delete immediately and change my passwords. I immediately reported this to the Fiverr support and they banned the account.
Unfortunately, he contacted me again yesterday or something. Same message, same file - just a different, new account. He got reported and banned within a few hours.
- This method is definitely more effective. ‘Buyer’ contacted me and explained that he wants me to create a gig video for him. What was suspicious?
- Again, new account. Created this month, a few days ago.
- Decent English but very short sentences, not many details about the project. He didn’t want to describe his need and answer my questions.
- Fast responses with some guarantees and good looking figures. ‘Budget: 100$’ or ‘I can pay it within next few hours’ etc.
Then instead of explaining his requirements, he just sent me a link to the example video so I can get the idea. Pretty normal thing - that was what I thought in the beginning. It was a ‘Fiverr’ link to someone else profile/gig. After clicking on it, I got to the new card with the information that I was logged out (only on this new card, I was log in within the original inbox and dashboard) and that I need to log-in again to check the gig video.
That’s the moment when I instantly click away and checked how the link looks like:
After looking at it for just 1-2 seconds, you will see that there is no ‘https’ and it’s not a typical Fiverr link - just something similar. The site itself looked exactly like a Fiverr log-in site. I have no doubts that if I would put my login data there, he would steal my account.
Just please be careful and don’t ignore the red flags. Hope that no one will be the victim of those guys. Thank you for checking the post and stay safe!