Home computers can be used not only for hobbies and entertainment – it’s also possible to make money with them. However, as with pretty much all the other fields, con artists are never far behind and are always ready to abuse it for their own gain. They have now started targeting freelancers and trying to dupe them into downloading malware. This is done by sending them emails masqueraded as job briefs and offers. MalwareHunterTeam reports that such schemes have been found on both Fiverr, a freelance services marketplace, and Freelancer.com, which businesses around the world can use to find freelance workers for various projects and long-time jobs.
Freelancers are not the only ones in danger here – casual workers and international contractors often use e-mail to receive and find new offers, and it makes them a target as well. Sending attachments in e-mails is common – so common, in fact, that there’s a possibility of opening them without giving it a second thought. And that’s just what cybercriminals are looking for, as it gives them the ability to infiltrate other people’s systems with their creations. Worst of all, e-mails sent by them don’t even look off in any way.
MalwareHunterTeam provides examples of such e-mails in their report and they appear to be standard offers, with questions about the cost and time frame. The attachment, supposedly, contains information on the job, but it’s malicious in reality. In one of such cases, a job hunter from Fiverr was attacked. In the other, the “My details.doc” document sent over Freelancer.com turned out to be infected. Preventing this is possible if you have security software installed, updated and running, but some of the threats are capable of bypassing it. That’s why files from other people should be approached with caution.
Adding to that, con artists are very hands-on in this particular campaign. They don’t just send out e-mails and hope that someone opens them – they’re ready to answer questions and provide instructions. Per MalwareHunterTeam, “and he actually spend[s] [the] time to reply to everyone who told him something wrong / not opens / etc, asking what is wrong, explain what to do (or in other words, how to get infected…)”. This makes the situation even more dangerous and raises the possibility of cybercriminals being successful in their endeavors.
As far as the attachments themselves go, there’s nothing new here – documents seem to contain macros and the user is asked for permission to execute them. Once they are, the malware payload is downloaded and the virus starts wreaking havoc inside the device. Chinese-speaking LuckyMouse, for example, has been connected to campaigns that employ malicious documents embedded with macros which exploit a known Microsoft Word vulnerability in order to infiltrate the computer. Having no latest updates for your OS installed, no security software and macros enabled increases the risk of it happening.
If that’s the case, it’s imperative to install all the latest updates (both for your OS and software) and invest your money into the aforementioned antivirus. This goes double for cases when you don’t have regular clients and need to constantly get in contact with people you don’t know. The key to safety, as it pretty much always is, is caution and avoiding unnecessary dangers while browsing the Internet. If the offer you get raises any doubts from your side, it’s best to avoid it and continue your search. Sooner or later, you’ll come upon those that don’t seek to take advantage of you and infect your device with threats.
According to Fiverr, they do their utmost to provide their users with protection – “operating across 190 countries and with millions of community members, Fiverr uses the latest anti-fraud and data security measures to protect everyone who relies on our platform against malware and other attacks. Any attempts to publish or send malicious content with the intent to compromise another member’s account or computer environment is strictly prohibited on Fiverr, and we act aggressively against it.” Freelance.com hasn’t yet commented on the situation.
Still, something like this was to be expected, considering the number of people worldwide who do their work over the Internet. And, just like with other malware campaigns, there’s no need to be on the constant lookout for attacks – scanning attachments with security software should provide you with all the protection you need. New job contacts are best to be approached with caution until the trust is established, especially those that get in touch with you first. Con artists will do their best to deceive you, but avoiding them is a manageable task that doesn’t require a lot from your side.