This is a story about people doing bad things on the internet. It’s not the first and certainly won’t be the last. We decided to tell our story to help prevent others from becoming victims. Of course we don’t want people misusing our brand, but the people who have spent their precious time and lost money in this are the real victims and are the ones we are looking to protect.
It started with a DM
We started getting strange messages to our social media accounts and various company email addresses asking “is this project real?” The project: Translation work from somebody who is using a name very similar to ours and our company logo.
This has nothing to do with our company (if you look closely, you can see the misspelled name). We responded to these inquiries letting the email senders know the project was not real and that they should not communicate with these Scammers (I’d really prefer to use a stronger term here, but my editor would not allow it). We also let the platforms where these conversations originated know what was happening.
As we received more messages, some of them became more urgent. Some of these new Victims were panicked because they had done the work and then sent money to the Scammers. One of them had sent $1,500.
How does this work?
We believe that these scams start with a job posting on sites like Freelancer.com and Upwork. The Scammer then asks the Victim to move their communications off the original platform and to communicate directly through Telegram or another messaging platform, including email.
The Victim is given work that seems legitimate, and completes the task. When the Victim seeks payment, the Scammer then requires the Victim to establish an account for payment, which requires the Victim to send an “account registration fee” to the Scammer. This advance-fee scam is not new. Similar scams have been around in various forms for decades or longer, including the Spanish Prisoner and Nigerian Prince scams.
The Scammer promises that the account registration fee will be refunded upon the Scammer’s payment for the Victim’s work. At this point, many of the Victims realize that they have fallen for a scam. But some Victims, having already done some work and not wanting to walk away from a potential payment, go ahead and pay the account registration fee. A behavioral psychologist might refer to this as an escalation of commitment or sunk-cost fallacy.
In a few cases, the Scammer further escalates the commitment by asking the Victim to make an additional payment to link their account.
How can freelancers protect themselves?
According to HR statistics, freelance work in the US has been on the rise, with 53 million registered freelancers in 2014 versus 59 million in 2020. So how can these freelancers protect themselves? The first thing that people can do when working on freelance projects is to always work through the platforms. They have established policies in place to ensure that payment happens once the job is completed and that payment should happen directly through the platform. Being asked to move communication to email or another platform should be a red flag.
Secondly, there is absolutely no reason that we can think of where a legitimate company would ask you to provide payment in order to get paid. If it sounds like it doesn't make sense, it probably doesn't.
Third: watch out for projects that look too good to be true. The pay for the projects that we've seen were quite generous and this of course gets people more interested. If it seems like you are being overpaid for the amount of work involved, keep your guard up.
What are you doing to stop this? What can other companies do?
We aim to work with the freelance platforms and relevant law enforcement to try to prevent these types of scams from happening. Below are some contacts and links that we used so you can use them if needed. If you become aware of a scam online posting, please report the posting and/or the user to the relevant platform.
Also, provide a way for people to contact you. People who have lost money are very resourceful about getting in touch with someone who can help. We have seen direct messages on social networks, emails to every alias listed on our website, and well as personal telephone outreach to team members and their families. By posting a link on our Contact Us page, we have made it easier for people to connect with our legal team and get additional information.
Open request to freelancing platforms
As we discussed how to handle this internally, one of the things that we think could provide a significant Improvement in the freelance ecosystem would be to allow companies to become certified. This would be similar to the blue check on Twitter. This way, a freelancer would know that the job is legitimate and coming from the official company account. It seems like a step in the right direction. It appears there is something similar for individuals, but we couldn’t find anything for companies.
We are not experts in this area, so there may be other things in place or better ways to solve this problem. We'd love to start a discussion about how we can do that. For now, know that Marin's cyber security practices are strong. If we need any freelance assistance, we will not be contacting anyone through Telegram or Whatsapp.
As we live in a world with increasingly remote employees, we expect that we will all face more of these types of threats. We all should keep our guards up.