Beware the auto seller on Craigslist who says he'll send photos on request - he could well be a crook who sends photos packed with malware, the US Federal Bureau of Investigations (FBI) has warned.
In a posting on its news blog, the FBI says it's seeing scam artists posting ads without pictures on unspecified sites.
When a potential buyer asks for images, the crooks will sometimes send what they claim to be pictures as attachments, while other times they'll send a link to an online gallery.
Either way, the FBI says, the "images" can contain malware that infects victims' computers.
The malware directs a victim to a bogus website made up to look like the site where the ad was originally seen.
After a victim agrees to purchase the item and makes the payment, the perpetrators vanish: no more emails, and no merchandise forthcoming.
Crooks are also using a variation on this photo-sharing scam. In this version, a scam artist poses as a seller who contacts those who've lost an online auction.
The bogus seller claims that the original winning bid fell through.
The FBI offers these tips to avoid getting preyed on when shopping online:
- Make sure websites are secure and authenticated before you purchase an item online. Use only well-known escrow services.
- Research to determine if a car dealership is real and how long it has been in business.
- Be wary if the price for the item you’d like to buy is severely undervalued; if it is, the item is likely fraudulent.
- Scan files before downloading them to your computer.
- Keep your computer software, including the operating system, updated with the latest patches.
- Ensure your anti-virus software and firewalls are current - they can help prevent malware infections.
Be vigilant, and don't click on phishy links, even if they do promise eye-candy photos of some gorgeous car.
If you've fallen for a scam like this, the FBI recommends filing a complaint with the Internet Crime Complaint Center at www.ic3.gov.