Avoid Phishing & Malware

First, following all the general electronic security guidelines can help you protect your computer and your information.

Next, communicating with your Upwork clients and freelancers via Upwork Messages will allow us to assist in protecting your security. 

Finally, phishing lures and malware could be hiding almost anywhere online. Staying vigilant no matter where you are can help you protect yourself and your information. But you're most likely to run into them via email, so we'll provide you with tips and best practices for staying safe with email.

Tips to Spot Email Scams

These best practices can help you spot and avoid email scams: 

  • Take a moment to look at the email address – does the alias or sender look legitimate?
  • Consider whether the content of the email makes sense (Would a Nigerian prince really want to give you a million dollars?)
  • Watch out for messages urging you to act fast before you think.
  • Beware of emails asking you to respond or call them with contact or financial information or personal information, such as date of birth or social security number (or other tax ID).
    • First, ask yourself if the the sender has a legitimate reason to be asking for this information.
    • Even if you answer the first question "yes," don't reply to the email or call the number provided. Contact the sender directly to determine if the request is legitimate. (For example, call the number on the back of your credit card.)
  • Beware of emails that contain links and/or attachments, and be careful before clicking or opening them. The easiest way to protect yourself is to not click on suspicious or unknown links.
  • Malicious links are the most common scam tool and one of the easiest to spot if you know what you're looking for. At first glance, the URL may appear legitimate, but…
    • The true URL could be hidden (a link's text can look like a URL, while link itself points somewhere else). Hover over the link to see where it's really pointing.
    • A link shortening service might be used to hide the malicious destination.
    • The URL may contain misleading typos, such as upvvork.com instead of upwork.com.
  • Ask yourself whether you're expecting an attachment from this person.
    • The only attachment file format that isn't a potential threat is .txt. Treat all other attachments as potentially malicious.
    • Attachments, especially Microsoft Office files like .xls could contain hidden malware, even if they pass your virus protection scan.
  • And when in doubt, confirm the message content with the sender before taking any action, including clicking links, saving/opening attachments, or calling the phone number. Confirm via a method other than email, if possible. If not, compose a new message. Make sure you are not replying to the suspicious message – that could go to the phisher!

Want to learn more about protecting yourself from phishing? Click here to read the Federal Trade Commission's detailed advice.


email us

If you believe you have received a phishing attempt through Upwork, from an Upwork user, or about your Upwork credentials, please report it to phishing-report@upwork.com.


For more information about reporting Upwork-related suspicious activity by a fellow user that isn't a phishing email, click here.


Worried you may have fallen victim to a scammer's malware attack? Continue reading in Detect Malware.

For an overview of online safety and security best practices, please visit our Security Center. Or check out our complete online security series by clicking the links below:



Have more questions? Submit a request

Comments

Incident Status
Components
Locations

Select your issue category and subcategory
Please share as much information as you can, including things like:
Attachment (for example, screenshots):
Add Files
    Popular Topics
    Provide more details:
    Attachment (for example, screenshots):
    Add Files
      • Discuss with Upwork Community

      Your request has been submitted

      Your ticket number is XXXXXXXXX
      We will email you as soon as we can.

      Our records show your Upwork account is not active.

      This might be due to no account activity (earnings, payments, contracts, etc.) or because we had to suspend it. When we suspend an account we send an email explaining the reason and whether or not you can take steps to reverse the suspension. Please review that email for more details.

      For general questions, you can visit our Community or review our Terms of Service.

      We’ll start a video chat with you. Please make sure you use a desktop device with a camera to continue the process. Also, allow Upwork temporary use of your camera and microphone. You may disable this access after the chat session.

      If all of our agents are busy when you attempt to chat, please hold, and one of our agents will be with you shortly.

      We noticed that you're currently using a browser that is not supported by our video verify process.

      We recommend that you switch to Google Chrome or Firefox in order to successfully complete verification. Thank you

      Upwork’s Category Specialists are standing by to help you discover and plan new projects.

      Ask them about roles or projects that you want to learn more about. They can also draft job posts for you.

      Your chat will begin in the bottom right corner of this page.

      Upwork’s Category Specialists are currently offline.

      Send us a message below and we’ll respond via email as soon as we can. You can also come back here during business hours (Mon-Fri, 6am-5pm PT) to chat with us.

      How can we help?
      Thanks for your message! A Category Specialist will respond to your message via email as soon as they can.