This was really painful, I was hacked and my freelance 2017 earnings were stolen away! I will share my experience and how to protect yourself from potential hacking attacks.
I work as freelancer and used Payoneer to collect my earnings. On the 14/02/2017 (coincidentally, on Valentine's day of 2017) a supposed potential client contacted me with a project request and sent me an MS document file supposedly to contain more detailed description about the project. But unfortunately, the client was a fake and he was just a hacker looking to collect innocent peoples password to there online bank accounts.
The MS document file he sent to me actually contains some VB macro scripts that runs in the background of a PC to extract/grab login credentials saved on the web browser.
Few hours after I opened the file, I got notification that my funds were been transferred out of my account an unknown email account tied to payoneer and that was how it all happened.
Honestly it sucks to see a potential client turning out to be a hacker. See (image above) the message he sent to me and I was looking up to working with a legitimate buyer, but unfortunately I was wrong.
The hacker transferred or stole my funds to this payoneer email account at: baland.v@yandex.ru
I know my God will never allow him go free! I have reported this issue already to my God and other relevant authorities.
The hacker transferred or stole my funds to this payoneer email account at: baland.v@yandex.ru
I know my God will never allow him go free! I have reported this issue already to my God and other relevant authorities.
How to protect yourself from potential hacking attacks
1- Never save important logins details on your web browser, even if you are working from your personal computer. Device a way of saving/remembering your passwords that no script can read remotely.
2- Never trust any MS doc file that contains VB macros. If you most open such file make sure you are not connected to the internet or at least use a different trash PC to open it.
3- Always use anti virus to scan files you received (especially from first time clients) and change your login credentials regularly.
I hope this safes someone out there from being the next victim.
Stay safe!