In this piece, Khristine Casuyon, Senior Team Lead in AML at Upwork, sheds light on the growing threat of scams within freelance marketplaces, detailing how both freelancers and companies can recognize and avoid costly traps.
Freelance marketplaces have blossomed remarkably since the shift to remote work during the COVID-19 pandemic. In the US, over one-third of the workforce was involved in freelance jobs in the first year after the global pandemic, according to an Upwork study. Several years later, freelancers still enjoy unprecedented flexibility, balancing their personal and professional lives, while companies tap into global talent pools cost-effectively. Yet, amid this bustling growth lies a shadow: online scams.
Take the case of a freelancer who shared their experience on Reddit: they landed what seemed like a dream project, completed the work, and then the client vanished—along with their payment. On the other side, companies hiring remotely have faced their own nightmares, like paying for high-quality deliverables only to receive AI-generated or plagiarized work. These stories aren’t rare.
Freelancers, particularly newcomers eager to build their portfolios, often find themselves the primary targets of sophisticated scams. Fake job postings, phantom clients, and shady payment schemes exploit the enthusiasm and urgency that freelancers feel when securing work.
For instance, job offers requiring “registration fees” or “security deposits” are classic red flags. Genuine opportunities don’t typically come with upfront costs. Moreover, seemingly authentic clients may request sensitive personal data—banking details, IDs, or passwords—under the guise of routine verification. Then there are clients who promise to pay after the work is done, only to vanish without a trace. Payment fraud remains one of the most painful realities of freelancing. For instance, in December 2024, the FTC warned users about online job scams that led to stealing over $220 million from the victims.
Beyond financial scams, some freelancers unknowingly walk into identity theft traps. A so-called client might ask for personal details like passport scans or even login credentials, but once those details are handed over, they can be used to commit fraud elsewhere. The same scammer might even impersonate the freelancer, using their credentials to deceive others.
Another increasingly common scheme involves scammers posing as clients offering roles like virtual assistant jobs. After a brief conversation, they may ask the freelancer to send money via a crypto wallet or another e-wallet, promising to reimburse it as part of the first paycheck—along with a 5-star review and a generous commission. Many fall for this tactic, lured by the promise of easy money and fast rewards, only to realize too late that they’ve been duped.
While freelancers often find themselves on the losing end of scams, companies hiring remotely aren’t immune either. Some freelancers inflate their credentials, presenting portfolios filled with stolen or AI-generated work. Once hired, they either submit low-quality content or, in some cases, fail to deliver anything at all. For businesses on tight deadlines, these scams aren’t just frustrating—they can lead to missed opportunities and financial losses.
The risks don’t end there. Some scammers operate with more malicious intent, using freelance contracts as a way to gain insider access to sensitive business information, proprietary data, or internal processes. A supposedly talented freelancer might embed spyware, steal intellectual property, or leak confidential data, posing a far bigger threat than just poor-quality work. One recent example involved Australian businesses unknowingly hiring North Korean IT workers who posed as legitimate freelancers, gaining access to sensitive data and redirecting earnings to North Korea.
Then there’s the issue of fake identities. With remote work eliminating face-to-face interaction, companies sometimes unknowingly hire people who are not who they claim to be. A freelancer’s profile might list impressive credentials, but without proper verification, there’s no way to know if they actually have the skills they advertise. Some businesses only realize they’ve been duped when the work turns out to be far below expectations—or when a freelancer disappears after receiving an upfront payment.
While risks are inevitable, navigating online marketplaces with awareness and caution significantly reduces vulnerabilities. For freelancers, it’s wise to carefully research potential clients before starting any project—review their online profiles, seek verified reviews or feedback, and watch out for requests that involve upfront payments or sharing sensitive personal data. Be wary of vague job descriptions, overly generous offers, and employers who avoid formal agreements or verified payment methods. Utilizing trusted platforms with built-in protections like escrow payments and dispute resolution can provide additional layers of security.
For employers, effective due diligence is equally essential. Thoroughly vet freelance applicants by closely examining portfolios, verifying references, and conducting brief video interviews to confirm their identity and capabilities. Clearly define deliverables, timelines, and expectations upfront, using written contracts or agreements whenever possible. Additionally, be alert for indicators of AI-generated or plagiarized submissions, and don’t hesitate to request preliminary drafts or progress updates to confirm authenticity and quality before committing significant resources.
Ultimately, a little skepticism goes a long way. Intuition remains a powerful tool for both freelancers and employers—if something feels off or too good to be true, there’s likely a valid reason to pause, reassess, and proceed cautiously.
