Elance provides a secure online work system. While we have put into place the technical and people resources to protect our members, please review these guidelines to further protect your account while hiring and working online.
How do I secure my Elance account?
Your Elance Username and password gives you access to your Elance account. Your Username is also used to identify you on Elance publicly and becomes part of your profile URL if you are a freelancer (username.elance.com). Some tips for selecting secure passwords:
- Do not choose a username and a password combination that are related to your email address or any of your other online accounts. This prevents someone who gains access to one of your accounts from also getting access to all of your other accounts as well.
- Use passwords of 6-8 characters at minimum
- Use passwords that are a combination of letters, numbers, and special characters
- Do not use passwords that include your name, birthdate, or any other information that can be easily obtained.
- It’s a good idea to regularly monitor your Elance account to ensure that no one else has somehow gotten access to your account.
Periodically check your account activity, workrooms, financial accounts, and preferences to validate that no one has tampered with your account.
If you see anything out of the ordinary with your Elance account, report it to Elance immediately.
Elance sends automated alerts when certain information on your account is changed. It’s important that your Elance account settings are set to receive alerts and that your email account is current.
How do I protect my Elance password?
Once you’ve selected your password, there are steps you can take to keep that password secure.
- Never give out your Elance password to anyone. Note that Elance staff will never ask you for your password or answers to your security questions.
- Change your Elance password every 30 to 60 days. If you believe that someone has obtained your password, change it immediately.
- Review the privacy policies of third parties that offer you services to determine how your information will be protected.
- Never enter your Elance username and password on a page that doesn't have "elance.com" immediately before the first forward slash (/). If the address includes additional characters prior to the forward slash such as "@," dashes, etc., it is not an Elance page. Even if the Web address contains the word "Elance", it may not be an Elance Web site. When in doubt, go directly to www.elance.com by typing it in the URL.
- If someone you are working with on Elance asks you to provide a password to access your website or server, be sure the password is not the same as your Elance password.
What other software should I consider to protect my online security?
Installing and updating online protection software is highly recommended. This type of software provides additional safeguards as you access your Elance account or complete jobs. Some common types of software include:
- Anti-virus software: Install the latest version of anti-virus software and use it regularly to scan your computer. Computer viruses can not only log and record keystrokes, but can also steal other personal information from your computer. Be wary of any emails with attachments as they can carry viruses that can find and transmit information from your files.
- Spyware protection: Spyware is software that is downloaded onto your computer without your knowledge to collect personal information and record your internet usage. Maintaining current versions of spyware protection will help you further protect your personal information and identity.
- Internet firewalls: Firewalls are either software or hardware that controls access and the flow of information to and from your computer. Using a firewall helps prevent any unauthorized parties from gaining access to your computer. It is especially important to use a firewall if you have a high-speed connection and computer that is always connected to the Internet.
What are common tactics that hackers use to steal information?
Spoof emails are fake emails claiming to be sent by well-known companies in an attempt to steal your information. They are called "spoof emails" (also known as "hoax" or "phishing" emails) because they mimic the appearance of a legitimate website or company. When unsuspecting recipients reply to or click a link in the email and then provide sensitive personal information, such as Elance passwords, social security numbers, banking information, or credit card numbers, the fraudsters use this information to commit identity theft.
Spoof websites are phony sites that have been created with the intention of tricking visitors into thinking the site represents a reputable organization. Normally, the spoof website will have the same design and a similar web address as the original website. Be wary of links within a profile, job post, or PMB on Elance, as these are user-generated links and are not regulated by Elance.
How would I recognize fraudulent emails or websites?
A legitimate email message from Elance will:
- Never ask you to provide financial account numbers, passwords, or other sensitive information through email.
- Never require you to enter information on a page that cannot be accessed from the Elance site. When possible, you should avoid clicking links in emails. While Elance may send emails that contain links for your convenience, you can also copy the link and paste it into the Address/Location area of your Web browser.
Suspicious websites or emails may have characteristics such as:
- Having a generic greeting like “Attention Elance Member.”
- Including a request to provide personal information, to verify your password, or to confirm account information.
- Including a forged Elance address in the "From" line of the email. For example, "From: firstname.lastname@example.org" or "From: email@example.com". Just because the sender line includes “elance.com” does not guarantee that the email is from Elance.
- Contains threats of account suspension or urges quick action to resolve problems with your account.
- Contains links to web pages that look exactly like Elance’s sign in page.
How should I respond to suspicious emails or websites?
- Do not send personal information using email. Elance will never ask you to send your account password or other sensitive information, such as credit card numbers, in an email.
- Never click on a link in an email if you are unsure of its origins, especially if the email asks for personal or financial information.
- Never enter your Elance username and password on a page that doesn't have "elance.com" immediately before the first forward slash (/).Even if the Web address contains the word "Elance", if it also includes additional characters prior to the forward slash, such as "@," dashes, etc., it is not a valid Elance page.
- When in doubt, open a new browser window and go directly to the Elance website (www.elance.com).
- Report the email by forwarding it to firstname.lastname@example.org.
If you have any doubt as to whether an email or web page originated from Elance, report your suspicions immediately to help re-establish your account’s security and to keep the Elance community safe.
- Use your email program to forward the message to email@example.com. Important: In order for Elance to investigate your report, you must forward the email without adding attachments, adding text, or altering text.
- Once you have forwarded the email, you can delete it from your email account.
How should I report activity that I suspect may be a fraud or a scam?
If you suspect that a job posted on Elance may be part of a scam, please notify Elance immediately by sending an email to firstname.lastname@example.org and also contact one or more of the parties below:
What should I do if I believe my account has been compromised?
If Elance identifies unusual activity on your account, to protect your account information, we may place a temporary lock on your account. If this occurs, please contact us to resolve the situation. We will also send you an email requesting you to contact us.
If you provided confidential information through a fake website or replied to a questionable email, you should take immediate measures to secure your Elance account and your identity. Take these steps to secure your Elance account:
- Change your Elance password immediately and create a new secure password. If the password on your email account is the same as your Elance account, you should also change your email password. Do not use the same password for both your Elance account and your email account.
- Contact Elance to inform us of the theft.
- Upgrade your browser. Browsers with the latest anti-phishing capabilities make recognizing spoof (fake) Web sites easier.
- Review your Elance Transaction History and contact Elance if you note any abnormal transactions.
Take these steps to secure your online identity. Your financial information is secure and encrypted on Elance. If you provided your credit card, debit card, or banking details to an unknown source off Elance, please follow the steps below to:
- Place a fraud alert on your credit reports, and then review them. Fraud alerts can help prevent an identity thief from opening credit in your name. You only need to contact one credit bureau since federal law requires that the one you contact must also alert the other credit bureaus.
- If you entered a credit card number, you should contact your credit card company and alert them to the situation. Follow your credit card issuer's instructions for formally documenting and addressing the problem.
- If you provided bank account information, you should contact your bank immediately and ask for instructions about protecting your account.
- File a police report with your local police or the police in the community where the identity theft took place. Make a copy of the report and note the date it was filed in case your credit card company or bank requires proof of the crime.
- File an identity theft complaint with the Federal Trade Commission. The Federal Trade Commission (FTC) maintains a database of identity theft cases. To file a complaint with the FTC, please go to their website: http://www.ftc.gov/bcp/edu/microsites/idtheft/
Order a Credit Report
Fraud Assistance Department
P.O. Box 6790
Fullerton, CA 9283
Report Fraud: 1-800-680-7289
Order a Credit Report
P.O. Box 1017
Allen, TX 75013-0949
Order a Credit Report
P.O. Box 740241
Atlanta, GA 30374-0241
Report Fraud: 1-800-525-6285