Friday, February 7, 2014

A fraud ODesk job posting by hackers which could steal your email, login name, password

Your email address and password are very important information, you should never put these things in a place you're not sure about.

fraud-phishing-job-odesk

Just today I came across a job posting on ODesk which specifically wanted Pakistani freelancers and listed Urdu as a required skill. I am a full time mobile software engineer, but I love writing and I got an Urdu language blog. I also got more than one English language blogs including this one. The opportunity sounded very nice to me so I applied for the job considering it good fun.
A few minutes later I got an ODesk message back from Gomez Dambreville. Without further ado, the text of this identity thieve's message is given below:

Thanks for apply first of all see the PDF file through this link  http://www.attachment-pdf1.tk after this download HTML through this link http://www.link-html1.tk and connect with us through  Gmail , Yahoo or Hotmail HTML , so we can go further.
Note:
Use these HTML to sign in to Yahoo,Gmail or Hotmail with your login detail to connect with our manager for interview after that we hire you here on odesk.

Ladies and gentlemen, stay away from this job post. I have reported it as inappropriate and I hope ODesk is going to take care of the fraudsters behind the job post.

If anybody opens any one of these pages, you will reach a website operated by a ring of identity thieves and hackers. First link will take you to a web page that looks like ODesk login page but it is not operated by ODesk. BEWARE!!! Just check the address given in the address bar www.attachment-pdf1.tk . Please note that stealing someone's login name and password is a cyber crime, and anyone doing such a thing is nothing but a criminal.

fake-odesk-login-page-phishing


They have even created fake login pages for GMail, Yahoo, and Hotmail. Now that's what we call fraud full circle.

fake-gmail-phishing-odesk

fake-hotmail-phishing-odesk

fake-yahoo-phishing-odesk


Signs of trouble
There are things related to this job which can be treated as sure warning signs. A list of the signs is given below:

  1. This person is not a very old member, the account was opened on Feb 7 2014.
  2. In such a short span of time they've opened 9 jobs but hired nobody on even a single job

A cousin of mine recently got an invitation from a similar job, he later sent me the text of the crook's message. I told him about the ages old method of identity theft, and saved his life :)
This type of crooks try to steal identities of new freelancers, ODesk has been doing a very good job handling these people and I hope they'll keep kicking butt.
Posted by at No comments:
Subscribe to: Posts (Atom)