16 January 2012

Phishing Scam: DO NOT TRUST THE BELOW EMAILS

Some users have received an email from a phisher (a type of hacker) impersonating vWorker. In one email, they asked the user to update their contact details to prevent their funds from being frozen. In another, they asked the user to take a survey to get a free $150 they had won. We expect there will be other variations in the future. In all cases, the hacker tried to send victims to their fake version of the vWorker signup page so they could steal their login credentials (userid and password).

In all cases, you can tell when an email is fake because the links DO NOT go to vWorker but go some place else (in this case, the hacker's website: http://clusiuserf31.nl/vworker/ ). It's very important to NEVER assume that an email you receive from vWorker (or any site) is real. That's because email is not secure and any person can impersonate any other email address at will. Instead, always look at the link in your browser address bar. If it takes you to www.vWorker.com then you are okay. (Or, if it's an email that send you to a blog posting and sends you to one of the legitimate blog sites: vworkernews.com, vWorkerchanges.com, vWorkerOutages.com).  If it says anything else, then don't type in your credentials and instead report it.

More information:

1) Thanks:
Thanks to those users who reported this issue. We appreciate you letting us know so we inform others. In addition to notifying all site users on every page of the site, we've also sent out an email as well. We have also reported this issue to the user's ISP and have asked them to involve law enforcement to press criminal charges. If anyone has additional information about the identity of the phisher, please let us know so we can pass that on as well.

2) I got fooled. What do I do?
Immediately change your email address and password. If anything has happened in your account without your permission then notify us to correct us.

2) How did the phisher get the email addresses? Were you hacked? 
First, we never assume that we were not hacked, because no system is 100% secure and it's always possible. However, we also currently have no evidence that we were hacked. The site is audited every quarter by a 3rd party security firm (SecurityMetrics) and that firm has found no holes in the system and has certified it as secure. Further, everything the phisher has done can be done without hacking the site's systems. 

There are several legitimate ways to get email addresses from other parties on the site that do not involve hacking. This phisher appears to have once been a legitimate user on the site who went "rogue" and used techniques that other have before. Some tips regarding this:

2a) Protect your contact info release:
If you received this email and have chosen to release your contact information to the other party automatically on $500+ projects, you may wish to turn that feature off. It can be useful, but is also subject to abuse as well.

2b) Be careful what you post publicly:It's also important to be careful what you post publicly in your profile and messages to people. You don't have to post your email address directly to have it harvested. One competitor "harvested" the email addresses of many of our users by using their public profile information to figure out their website URLs (using city, location, screen name, and other information given there). Then they grabbed their contact information from what the user listed on the website or their website's WHOIS. Unfortunately in this day and age we are very interconnected and there may be no 100% way to safeguard against this sort of tactic.

2c) Switch to an email provider that uses enhanced security (SPF):
Some email providers (such as Gmail) use an enhanced security method called SPF that validates that the email came from the place it claimed to. This blocks phishing emails (or flags them as suspicious). We highly recommend switching to one of these providers or telling your email provider to add it (if they don't).

3) Okay, I understand but I'm still concerned.  How do I know this phisher somehow didn't break into vWorker and steal my password and/or change my financials?
If they already had your password, the phisher would not need to setup this elaborate scheme to try to steal it. The same applies to access to your financials.

However, if the phisher succeeded in tricking you to give them your userid and password, then they could compromise your financials.  See above on how to deal with this.

4) What do they look like?
A copy of one of the emails (phishing hyperlinks have been removed for your protection).  Update January 24th: the link below has now been removed by the ISP (Carpathia Hosting) and is no longer available).

 

    More capable, accountable and affordable. Guaranteed.






 
      
Hi,

I'm Julia Robertson and I'm a vWorker.com Facilitator. My job is to watch over the bids and projects and shepherd them as they go to completion.

You have some information missing from your vWorker account and I have to ask you to update your contact details, otherwise your account and your funds will be frozen.

Follow this link: Update contact details.

Sincerely,
Julia Robertson
============================================
vWorker.com Facilitator
www.vWorker.com.com
Need to outsource your software development?
Post your project and receive an average of 12.4 bids within 24 hours!

Contact a facilitator / Ask questions: http:///RentACoder/misc/Feedback.asp
P: (813) 908-9029
F: (813) 960-1495
Exhedra Solutions, Inc.
============================================


4b) Copy of the 2nd variation:

Hi,

I'm Julia Robertson and I'm a vWorker.com Facilitator. You have won our prize of the month: $150 to use on our website.

To use the funds you must complete a simple form, where you have to talk about our website. Take me to vWorker.

Sincerely,

Julia Robertson

Subscribe to the vWorker Latest News Blog through RSS or email. Visit vWorker.com.
© 2001-2011 Exhedra Solutions, Inc.
Posted by Ashley ODell on 3:37 PM Share/Bookmark

13 January 2012

vWorker Case Study 13: Marco-Hans Van Der Willik (Zoe-X)

About this series:

vWorker recently conducted case studies of successful employers and workers on the site. We will be periodically releasing stories describing how employers have used vWorker to develop/enhance their business and how workers have been able to financially support themselves through the site.

Marco-Hans Van Der Willik:

Marco-Hans Van Der Willik (screen name: Zoe-X) is from Somerset West, Western Cape, South Africa. Marco-Hans graduated from high school in 2002 and wasn’t sure which direction he wanted to take in life. He wasn’t content with the idea of spending 4 years in college, so he completed several Microsoft courses instead, and began his career as a software engineer. After working several years in the industry, he had an important decision to make regarding his future. He chose to pursue his dream of starting his own company, Zoe-X. Marco-Hans used vWorker to develop his website www.Zoe-X.com, which is a competition-based brain training site. Marco-Hans plans to launch the site early this year. You can learn more about the site in the meantime by watching this video.

Marco-Hans shared the following with us about his experiences on vWorker.

1. Describe your story. Why did you start your business?

For as long as I can remember, I have had an obsession with creating things; I love analyzing problems and coming up with solutions. At age 4, my parents gave me a Lego set and I built something new every night, from castles to airplanes to different shapes and formations. I remember when I was still too young to go to school, I would be on the road with my father and he would give me mathematical problems to solve. It was then that I invented my first mathematical algorithm: an easy way to get the square of the next or previous number without pen and paper.

My father died in a car accident when I was 16 years old, a week after the September 11 attacks. My mom is great, but her gift is in not business and numbers. So to a large extent, I was on my own. I had to find my own way in this world.

I finished school in 2002 and had to choose a direction. It was difficult to choose a direction because there were many things I could do, but I finally chose to become a software engineer. I figured the digital age had just begun and that a software engineer would always have work and opportunities available. I did not want to spend 4 years of my life at a university, so instead I completed several Microsoft courses in 2003 and wrote my exams. My college, New Horizons Cape Town, then took me in to work for them, and what a time that was! They certainly threw me in the deep end; I had to take over and rewrite many of their internal systems. One time, they booked me into a hotel where I had to study 18 hours a day for a month. I had to work through 5000 pages of programming content and afterwards train a group of developers. The developers had an average of 10 years programming experience. Needless to say, I could have died a thousand deaths but I am alive and here to tell the story!

I had a three year working contract with New Horizons Cape Town, but I wanted more money. So my boss and I came to an agreement. My boss organized me a new job, but I had to pay 50 000 ZAR to end the working contract prematurely. I paid back the money over time, and to date we have an excellent working relationship. At my new job, I once again found myself in the deep end. I only had my foot in the door and could not turn down any work. Long story short, I had one day to learn a new programming language, PERL (terrible language), fix a report, and deploy the report on a Linux server (I had never used Linux). At 20:00, I was still at the factory, and I managed to break the report completely, which was needed for a level 3 directors meeting the following morning. I saw my life flash before my eyes! Around midnight, I had managed to fix everything and was able to go home and live to face another day. I ended up working at the factory for 3 years.

I have only given a little insight into my early days as a developer, but my life as a developer has been action packed from the beginning. There has never been a dull moment.  As a developer, I had two choices before me:
  1. Enjoy life: spend 50% of my time on bread and butter work and 50% of my time enjoying life and starting a family of my own.
  2. Live an extraordinary life: spend 25% of my time on bread and butter work and 75% building my company, Zoe-X.
I chose and will always choose option 2: to live an extraordinary life. I admit it has been lonely, but that will change in the near future. I always joke with my friends that I get to look at the menu but I can’t have anything.

2. What unique need/niche do you fulfill?

I have always been fascinated with the brain; I love analyzing the brain and optimizing it. I wanted to provide top quality brain training for everyone, and very importantly, I wanted to add the element of competition because it just makes brain training so much more fun. Without competition, you have nothing to drive you…no benchmark by which to measure your performance. Furthermore, I wanted it to be affordable to everyone. I didn’t want cost to be a factor.


3. How did you find vWorker? What obstacles did you run into that vWorker helped you solve?

My uncle mentioned vWorker 5 years ago when it was still called RentACoder. I used vWorker a little, but it wasn’t until two years later that I realized just what a powerful tool vWorker really is. To be quite funny, you could compare vWorker with the replicator from Star Trek. In essence, vWorker converts cash to any digital product you want.

I am a very hard core developer, but I only have so much time in a day. I personally take care of all the core logic, but I often encounter tricky situations. Instead of going through the full learning curve on my own, I outsource the problem. vWorker has thousands of workers from around the world, and a thousand minds is certainly better than one. Often, I will outsource entire components and then make the code my own by restructuring it to match my style/preference.

From a worldly point of view, everything boils down to money. To beat the competition, I need to maximize my resources: time and money. If a task is going take me 9 hours to complete, I am looking at $900 worth of time. But if I outsource the task, I am able to find a coder that already has the necessary experience for the task, and the task will only cost me $100. I would also need to spend 2 hours of my time: 1 hour to manage the project and 1 hour fine tuning the code. So we are looking at $900 versus $300 ($100 to outsource + $200 for my time). Not only am I maximizing my resources by 300%, but I am able to process 4 times more work, given that time is my biggest constraint.

4. What impact has vWorker had on your career and your business?

vWorker has had a tremendous impact on my career. Any company I have worked for knows they can give me any development work and I will do it in the given timeline. vWorker allows me to work with any technology and offers virtually unlimited on-demand work capacity. I have been analyzing the internet and related technologies for several years and with vWorker’s help, I have developed an incredibly advanced brain training site in under a year. We are now ready to go to market. vWorker has done a great deal of research for me and has helped me create a business plan and revise it countless times. Zoe-X will receive investment in early 2012, as soon as the pty has been registered.


5. Who were your key virtual workers?

My approach is a little different; vWorker is my virtual worker. I have literally worked with hundreds of talented workers across the globe. I often work with a coder on numerous projects, but there is one worker with whom I have really done a lot of work: LEdmiston. He and his cat are now part of the Zoe-X team.

6. What advice do you have for others who are starting the same way you did?

Warren Buffet and Bill Gates were at a conference with thousands of other successful entrepreneurs where everyone had to give one word as the secret ingredient to their success. Only Warren and Bill gave the same word: FOCUS. As an entrepreneur, you need not only talent, but also the discipline and will to push on day after day until you achieve success.

The one thing that most entrepreneurs neglect is a business plan. We all prefer to jump right in and get started, but this is one of the biggest reasons for failure. You simply cannot build a house without blueprints…you are bound to forget something. Every business has weaknesses and areas of concern. You must be aware of these and plan for them from the very beginning.

7. What is your favorite feature on vWorker?

I love the stock standard “Honest-billing money-back guarantee” way of outsourcing. There is no risk and you know exactly how much the project is going to cost. I have also been testing the “Crowdsourcing” feature that vWorker recently release and I am absolutely loving it!

8. What has been your experience in mediation/arbitration?

I have been through numerous arbitrations with most of the arbitrations being settled immediately. vWorker’s staff have always been fair and competent. Communication is crucial; you must give clear project specifications and let the worker know the moment you are dissatisfied with work. In this manner, you will not only win your arbitrations, but you will avoid most arbitrations altogether.

9. Do you have any tips/tricks/secrets about vWorker that you’ve learned that you’d like to share?

When you start out on vWorker, it is important that you only work with reputable workers: a worker must have at least 5 ratings and an average rating no lower than 9.5 out of 10. Make very certain the worker knows what to do. Never assume the worker knows what to do.


Subscribe to the vWorker Latest News Blog through RSS or email. Visit vWorker.com.
© 2001-2011 Exhedra Solutions, Inc.
Posted by Ashley ODell on 3:29 PM Share/Bookmark

10 January 2012

Search Functionality Not Working Properly

We have recently received numerous complaints about the search functionality not working on the site. We are aware there is an issue, but are unsure as to the true cause of the problem. We have recently rolled out changes that seem to be breaking the search functionality, but the changes were so slight that they should not have caused such a severe problem.

We released a temporary fix late last night which should make searching at least functional. Searches are still taking longer than we would like, but at least they are no longer timing out. We have also opened a ticket with Microsoft to get their assistance on this issue (since it may be related to something they released).

We are working to get a permanent fix released as soon as possible. We will update you as soon as the feature is working normally again. Thanks for your patience, and we apologize for any inconvenience caused by this issue.


Subscribe to the vWorker Latest News Blog through RSS or email. Visit vWorker.com.
© 2001-2011 Exhedra Solutions, Inc.
Posted by Ashley ODell on 3:36 PM Share/Bookmark

09 January 2012

How to be a vWorker Arbitration Champion (For Workers) - Part 2 of 2

Every day, some workers on vWorker win arbitrations and unfortunately other lose. A decent number are like "undefeated champs" and win arbitration every single time they go into it. But others struggle and lose every single time.

So what's the difference between the two groups? And how do you make sure you're one of the "champs" in arbitration and not one of the "chumps"? Fortunately it's very easy, with the following tips.

In Part 1 of this article, we discussed how to work professionally and competently with your employer. Once you’ve done that, you’re usually in very good shape to win your arbitration. However, there are still some important things you need to do to make sure you don’t “blow it”. By following the below tips, you can make sure you are an arbitration “champion” and not an arbitration “chump”.

  • Upload all work files at the start…

    • Upload 100% immediately:

      As described in part 1: You need to upload 100% of your deliverables onsite before the deadline/milestone arrives.

      However, let’s say there was no deadline…or it has not yet arrived. How do you protect yourself in arbitration in that case? In that situation, you need to upload 100% of your deliverables to date to the site once you start the arbitration (or get a notification of it). 

      We send out an email reminder telling people to do this, but many people ignore it. That’s a big mistake. If we need to look at the deliverables, you will lose the arbitration. Again it’s a simple thing to do. So just do it!

    • Upload it all:

      Make sure you upload everything needed to verify you met the contract. If you are working on a graphics projects, the source files need to be uploaded as well.
Read more »
Posted by Ashley ODell on 3:39 PM Share/Bookmark
Subscribe to: Posts (Atom)