As a freelance writer or small business owner are you protecting yourself against cyber-criminals who want to steal your private information?
I recently found out exactly how vulnerable my device – and freelance writing business – was.
Online attacks strike major corporations and even government units, but as a small business owner or freelancer writer, you’re at risk too. It’s not only your personal information they’re after. A hack could crash your computer, destroying all your files.
In this post, I’m sharing how I almost got hacked – and the three-step cybersecurity plan I’ve put in place since to make sure it doesn’t happen again.
ProBlogger Scam
Let;s start with the story of how I almost got scammed on ProBlogger.
Any freelance writer will tell you all writing job boards are not created equal.
After five months of freelancing full-time, ProBlogger is my top choice. It’s regularly updated and I’ve landed awesome short-term and long-term freelance writing opportunities
I spotted a posting for a content writer at a leading content agency, and could check off all the skills they were looking for. I checked their blog and loved their content. It was a content creation agency with offices in major centres across the world: Hong Kong, New York, London.
The ad looked great. But a small detail did seem off.
Early Warning Signs
The contact person was using a Gmail address . Warning: A staffer at a global content agency probably won’t be using a Gmail account to recruit new writers. I scanned the agency’s About Us page but couldn’t spot anyone with similar initials. I still didn’t think this was deal-breaking strange, a few companies don’t list specific contact people’s names and while some give you the option of applying on the ProBlogger site, others let you apply via mail.
I applied and received a reply from the job poster who sent me off to Skype to connect with one of the editors.
I Googled both of them. The goal was to read some of their articles and check their Twitter accounts. I couldn’t find much on either.
This should have triggered the alarm bells LOUDLY. In 2018, everyone is social media and the New York editor of a multi-national, award-winning agency would have an active online presence on at least one channel.
Scripts to Steal Payment Information
After a few messages, the scammer shared two files with me.
The first file was a PDF with stock standard writer’s guidelines. The second one, the Payment Terms, is the that can’t wait to infect your system.
The file type was a VBS script, and my computer wouldn’t open it. As I was converting it with an online converter, I was chatting to my husband (a software developer and my resident IT guy) about this file. I mentioned it because I hadn’t see this file type before. He asked about the extension – a VBS file – and told me to stop converting it; it wasn’t a good idea to run scripts from unknown sources on your computer.
It could be a virus and perhaps their account had been hacked. Then I started searching Problogger + scam and found this and this one here.
The scam was to get you to run the script to install a keylogger to steal your PayPal login details.
When I went back to ProBlogger to report the scam, I found they had warnings on their site.
I was lucky and immediately committed to better cybersecurity, realising how exposed I’d been.
Here are the three measures you can put in place today to protect your device – and private data.
Install Anti-Virus Software
Most devices come with anti-virus software, but you can never be too careful and you can download high-quality AV software for free.
I use Kaspersky and it does a great job of blocking dangerous files and websites. When you download, start with a scan of your device to make sure there are no malicious files.
Use Cloud Storage or Back-Up Files
Having a back-up of your data makes your far less vulnerable to crooks.
The idea of having to wipe my computer and restore factory settings in the case of a breach was frightening. I’d always been meaning to move my files over to the cloud but never got around to it. Now I’ve stored most of the critical work on Google Drive and I make a habit of writing new blog posts there too. Whether you require cloud storage or an unlimited online back-up depends on you needs. At the most basic, storing important work on your computer and free online storage like DropBox or Google Drive will be sufficient for most freelance writers or entrepreneurs.
Block JavaScript
Javascript (not related to the programming language Java) is a computer code responsible for the interactive elements on any website. But hackers found a way to hide viruses in the script. In one scam, hackers will place the malicious code on a website and when you visit it, your device becomes infected. From here, they can demand cash from you in exchange for getting your data back, or in another variation they claim to to be from a law enforcement agency and need you to pay a certain amount for your system to be released.
One way to get around this is to block Javascript completely. To do this in Chrome, go to Settings in the top corner of your browser, click on Advanced and then Content Settings.
When you turn off Javascript though, your entire web browsing experience will change. And that change will be dramatic. Some images or video won’t be loaded, but there are other benefits too – your browser might be faster and you could be less distracted while online.
There are also extensions you can download to block specific JavaScript viruses. NoCoin will block browser-based scripts that secretly use your computer’s processing power to mine for cryptocurrency.
Conclusion
If you’re a freelance writer specifically, there’s a host of online scams though many of them include getting you to work for free. Digital tools have given rise to new threats. Be vigilant and secure your data to avoid falling victim to hackers.
Header image credit: Paulius Dragunas