Cybercriminals love people in HR departments, because their job includes opening files that come from unknown sources — CVs, application materials, and so on. And these files quite often contain something malicious. You know who’s in the same boat, for the very same reason? Freelancers.
Freelancers also have to communicate with a lot of people they don’t know personally, and open files that come from who knows where, be it text for translation, technical documentation for a coding project, or a description for a picture they are supposed to draw. That makes freelancers an easy target for cybercriminals of all sorts.
For example, security researchers recently noticed an active campaign targeting people on websites for freelancers such as Fiverr and freelancer.com. A group of cybercriminals was contacting people registered on those services saying they had a job they wanted done, and, as the story has it, they were saying that the details were in the attached file.
It actually was a .doc file, not an executable, and that convinced at least some of the victims that it was safe to open. What could go wrong with a Microsoft Office document, right?
But a very specific thing may be wrong with Office documents: macro malware — malware hidden in macros used in MS Office files. When people open such files, they are prompted to enable macros, and some of them comply. After that — in the case of the recent campaign — the program installs a keylogger or a remote access Trojan (RAT) on their computer.
With keylogger or a RAT installed on your computer, the crooks can see everything you type, including your logins and passwords, which allows them to steal your accounts and your money.
A similar malicious campaign was allegedly spotted on LinkedIn and on Alibaba.
Being a freelancer has advantages, but there are huge drawbacks as well, and adding increased interest from cybercriminals to the mix can turn the burden of being a freelancer into something unbearable. So let’s discuss what you can do to protect yourself from different kinds of threats.
Information security tips for freelancers:
- Do not install any software a client or potential client wants you to install, unless you download it from official sources and make sure that it doesn’t give the client access to your computer. A couple of years ago, a malicious campaign lured freelancers into installing Airdroid, an official remote access app, on their smartphones, and after that their credentials were stolen through this app.
- Do not open any.exe or other executable files. They might be malicious. In case you absolutely need to do that, first check those files with an antivirus or using a Web antivirus engine such as Kaspersky Virusdesk or Virustotal.
- Do not enable macros in Microsoft Word documents, Excel spreadsheets, PowerPoint presentations, and so on. Macros are basically executables hidden in files, and malefactors love to fool people by sending seemingly innocent documents that actually contain malware, just like in the case described above.
- Do not fall for phishing. Crooks may be interested in gaining access to your accounts on sites such as Freelancer or Fiverr, because that will also grant them access to the money you’ve earned using these services. If they access your account, that might also result in damage to the reputation you’ve worked so hard to build. So watch out for misspelled sites and letters that urge you to relogin or send your credentials to someone for any reason.
- When being paid directly, do not send anyone photos of your credit cards. Also do not disclose information such as expiration date or CVC/CVV code (three digits on the back of your card). That information is never necessary to get paid. It’s OK to send the banking information (such as your card number) when someone needs to pay you, but it’s better to do that using secure encrypted channels such as WhatsApp, Telegram secret chats, or something like that.
- Install a reliable security solution, such as Kaspersky Security Cloud, that will protect you from malware, phishing, spam, and other cyberthreats.