Keith the Client was desperate for his site to look like his competitor, Jan the Giant’s site. He saw she had a really slick menu with some advanced functionality – you know, the mega menu.
Jan could afford such luxuries because her business had been around for a while and she was making a decent revenue. By contrast, Keith was fairly new to the game and wanted a slick look without the years of saving up for it.
So one day Keith hired an offshore freelancer, called Ray, from the Philippines. He started barking commands at the poor, underpaid freelancer. But Ray did his bidding and served him up a nice site with the mega menu to boot.
Then weeks later, it all turned to poop…
This is based on a true story. The freelancer was given similar instructions to hunt down a premium plugin, used by a competitor, and get it up on the site.
Here’s the problem.
Freelancer Ray didn’t have the monetary means to license such products for his gigs, nor did Keith supply a budget for it. Therefore, Ray found the plugin on a torrent site. And it was riddled with malware.
If Something is Free, it’s Almost Too Good to Be True
Normally, I’d agree. But we’ve seen such platforms like WordPress which are 100% free. And that is both good and true.
The issue lies in things that aren’t generally free to start with, but have a free alternative. And with truly free stuff, there’s always a catch. If you download a free plugin from the repository of WordPress, you may be prompted to upgrade for better functionality.
And, as Keith found out, if you download from a torrent site, there also has to be some kind of give back. There’s no such thing as a free lunch.
The hand that takes is generally the same sneaky hand that embeds the virus into the plugin so that future spoils can be taken without permission.
Is it worth it? Not only to risk the legalities of ‘borrowing’ a plugin but to have your site hacked and your customers’ data compromised?
This is the absolute worst way to acquire a plugin in my opinion.
If You Are Outsourcing, You May Be At Risk
Now, I’m not going to typecast every freelancer; but there is always a risk when you set a task and expect them to bring the resources.
I know this because I’ve spoken to 3 different friends who have been freelancers and sought out my advice on how to fix a broken site. I only later found they had used plugins sourced from torrent sites, to save cost, on their client.
So What is the Solution?
First step, you need to identify the problem. And the problem is generally you.
If you are paying a freelancer – as opposed to an agency who runs as a business – and expecting them to implement specific functionality out of his or her own pocket, there is a risk they could source the premium plugin illegally.
Why am I suggesting you could be part of the problem? Because you may be expecting a freelancer to go off and find a tool without compensation.
So the second step, if you are going to do this, is to ask if they have a licensed version of the plugin or theme. Understand where they downloaded it from.
The third step is to give them access to your own ‘stash’ of licensed plugins, themes and images as opposed to making them source it themselves. This reduces the risk to both of you.
This is actually what I do when I have a Virtual Assistant create an image for me. That way, I feel safe knowing they are not looking for stuff I should have supplied.
Outsourcing can save you a ton of time, but be a risk. You have learned in this post how to mitigate such risks by supplying your own resources.
This warning doesn’t necessarily apply to digital agencies. They are a different beast. It is more a warning for using independent freelancers. Although I’d hate to stereotype, I’ve seen it happen more with freelancers from poorer countries. They simply cannot afford to license what you need without compensation.
While we talked mainly about plugins, this also applies to themes and even images. Get them from credible vendors like WordPress.org.
What Happened to Keith?
So what happened to Keith? Well, he had to pay somebody to remove the malware from his site. Which actually cost him more than it would have to just buy the plugin from code canyon.
If you have any similar stories, or even contradictory experiences, I’d love to hear. Simply comment below and let’s keep this conversation moving.