Malware is Becoming a Big Issue

Scott B · Mar 12, 2019 04:54:48 PM

At first I though the OP was using "malware" generically to describe scammy jobs, but I am getting the sense now that we are saying that there are links to malware within a posted job description? I admit I have never seen this so I want to clarify what people are seeing. If in fact there are malware links, UW definitely can detect these if they have the right software. This something they buy from the likes of say a Mimecast or others. This is not something you do in-house unless you just prevent any links from being entered.

Nicole H · Mar 12, 2019 04:59:18 PM

Yes - the links are in the initial contact message after someone applies
for their "project". I have seen many links that look like safe Google
Drive files. I tried to post images but they got removed.

John K · Mar 12, 2019 04:59:46 PM

Scott B wrote:
At first I though the OP was using "malware" generically to describe scammy jobs, but I am getting the sense now that we are saying that there are links to malware within a posted job description? I admit I have never seen this so I want to clarify what people are seeing. If in fact there are malware links, UW definitely can detect these if they have the right software. This something they buy from the likes of say a Mimecast or others. This is not something you do in-house unless you just prevent any links from being entered.

Scott, I presume Upwork routinely scans links within job posts, so I assumed the links in question were contained in client messages, but that's just guessing, since I've yet to observe this firsthand.

Nicole, you beat me to the punch! Upwork should perhaps look into this, because it's a new scam variation, and if nothing else, it's wasting freelancer time and connects.

__________________________________________________
"No good deed goes unpunished." -- Clare Boothe Luce

Scott B · Mar 12, 2019 05:10:12 PM

Thanks for the clarification, John and Nicole. Same rules apply though and software is available to scan links before they are presented whether in email, job post, message, etc. Companies should be using this type of software anyway for their own internal defenses. Extending should be considered although the cost for something like this public platform would be interesting. Nonetheless, the tech exists to combat this problem. Even though this software is excellent, it is not 100%. It can miss actual malware or false flag a good site. There will not be 100% protection. Just something to keep in mind.

Preston H · Mar 12, 2019 06:11:11 PM

I feel bad about what happened to Stephen. I don't think he is an unsophisticated computer user or bad freelancer.

Nevertheless, payment verification and malware are completely separate topics.

Stephen L V · Mar 13, 2019 07:10:55 PM

At the risk of repeating myself, in my recent situation, there was unverified payment method. I don't usually count projects out when seeing that, and the job post was well written, lengthy enough to contain the kind of details necessary for me to know what the job required and offered pay that reflected the skill level they were looking for. It was for a voice over, my field.They were also only looking for one freelancer. I was offered an interview around 12 hours after replying, which also made sense as that's usually the case. The interview message contained a zip file with a supplied password, which I downloaded without scanning (that's the part where I was lazy and an atypically bad computer user, but thanks for the words of defense, Preston!). It didn't take long for me to be suspicious when the file would not open, so I checked the file location and it had gone straight to my system's powershell.

Skipping ahead: Where the unverified payment method is a factor is when there are other red flags, such as 0 other jobs posted AND a simple job with a request for a ridiculously high number of applicants (such as 45 or 60). I saw 14 or 15 of those after my initial issue, all for voice overs and all with bare minimum job descriptionss (much sloppier and lazier for the post I applied for), and I flagged each of them.

I think what Nicole's post illustrated was that, when combined with other factors, an unverified payment method should be a red flag, not that it is always the case.Apologies to Nicole for potential mansplaining.

PS-My security software (Webroot) couldn't find the malware I downloaded, and it took a two hour remote session with one of their people in order to find it and kill it. He literally told me that it was the first time that virus had ever been seen by their company. His comment was "Having the only computer in the world with this virus is not a good thing". In the end, all was fixed and lessons were learned. I am somewhat bolstered by the sophisitcation of the entity that I was was infected by. It is heartening to know that Upwork does indeed attract talent.

Nicole H · Mar 13, 2019 07:19:58 PM

Very well said! You hit the nail on the head as far as the main point of
my post.

Kholleras I · Mar 13, 2019 08:11:41 PM

Unverified payment method + zero jobs posted is not a red flag. It makes complete sense that someone who's never even posted a job before has no verified payment method yet. The lack of payment verification is almost completely irrelevant until a potential client offers you a contract. Someone looking for 60 freelancers for one voiceover is suspicious regardless of payment verification.

Tonya P · Mar 13, 2019 08:40:20 PM

I would guess that jobs that require the sharing of large files are easier to target because the freelancer is less likely to be suspicious of a zip file with a password.

My takeaway will be to avoid those types of files!

Petra R · Mar 13, 2019 08:44:35 PM

Upwork does scan attachments, hence the frequent outraged posts when someone can't download one...

Here it was a link to a place outside Upwork, far more difficult to police.