I listed an item on Craigslist this morning. This is not my first time selling there and I have been approached by various scam artists in the past, but this is the first time I have encountered this particular attempt and wanted to pass it along.
I received a text from someone telling me that they want to purchase an item for their boyfriend and asking me to click a link to view the image of what they were looking for to see if it was the same as what I was selling. The link took me to a webpage for public image sharing – www.imgkey.org. Once there I was asked to download a GIMP plugin to view the images. GIMP is an open source (free) image editor that I have used before and the link looked legit but my suspicions were aroused and I did some snooping in regard to imgkey.org and found out that the link is a Trojan virus download. The imgkey.org url was just registered on May 27, 2013 – 6 days before I got the link so evidently this is a new way for them to distribute this virus.
Just another lesson in never blindly clicking a link that someone emails (or texts in this case).
URLs to stay away from – imgkey.org and gimpsoft.org. I’m sure that the culprits will just find other domains to use, but hopefully this will save someone or more the grief of a virus.
On a side note – If you are looking for a free image editor, GIMP is a decent option. Just download it SourceForge.net through their official download page – http://www.gimp.org/downloads/
If you want additional information about protecting yourself when selling on Craigslist, this book – How to Buy a Used Car A Guide to Avoiding Craigslist Scams & Lemons – has some good practices to follow.
Someone pulled this on me today, claiming they had a photo of my missing cat. 🙁 The site they used was pixsho.net.
Ya Chinchillazilla that happened to me. I posted an ad on craigslist seeing if anyone found my lost phone and this one person said to go on to pixsho.net to see if this is the phone i was looking for. the person even seemed concerned that i lost my phone, but when i tried texting them back they wouldn’t answer. So i thought they were trying to scam me. I even tried to download GIMP but it wouldn’t work so i gave up.
Do you think they were a scammer?
Marisa,
That was definitely a scam attempt. The links will allow a virus installation that could cause damage or lurk in the background collecting sensitive information from your computer usage.
Thank you for letting us know about pixsho.net. Evidently there are multiple attempts like the one I mentioned in the original post.
So in my panic to find my beloved cat, I downloaded the gimp version they they recommended. My computer started doing some weird things, so I turned it off. My antivirus is expired. What should I do?
Do not turn it back on. On another computer go to this link – http://www.avg.com/us-en/avg-rescue-cd – and burn a cd. Boot your computer to the cd and run the full scan. Depending on your computer brand you should be able to hit a function key like F12 to choose to boot from the cd.
Yes someone tried to pull it on me also claiming they had a pic of my missing dog on picsho.net. Tried to call them and number was no longer on service. Figure it was one of those lost pet extortionist. From my ad on craigslist.
Cindy,
Thanks for sharing this follow up post. I hope our alerts will prevent people from being affected by this malicious attempt.
had this happen to me just now looking for a trade; got a link to pixsho.net. Does this install anything on OSX Mountain Lion? Going there doesnt prompt or show anythin (the supposed pics need a plugin); theres just a link to a site to download an .exe file for the plugin (.exe cant be run on mac).
Would pixsho.net be able to run somethin in the background or am i fine on a mac since when i went nothin happened?
You probably don’t have anything to worry about since it is an exe file. To be safe you may want to run a virus scan if you do not have a virus program installed already. There a couple of decent free versions of which I am aware – http://www.clamxav.com/ and http://www.bitdefender.com/solutions/virus-scanner-for-mac.html.
Also got a BS text for my missing cat. I didn’t DL any file, but the pondscum that is out there preying on folk, wow!
I hope this post was a help to you. It’s amazing how malicious people can be.
I’ll add another website to the collection of shady links: pic-msg. net. Someone tried this with me yesterday in response to my craigslist ad, but thankfully I only had my smartphone with me. When I clicked on the link, it told me that the picture couldn’t be viewed on my device, that I needed to open it on a desktop or laptop. That set off my suspicion sensors. I’m glad I found this post to confirm them. Some people are jerks. Thanks for posting this warning!
Great! Thanks for sharing. It’s easy for them to just use a different domain name whenever they want to so the more we can share, the better.
go-pix.net was where they sent me. Also a scam. Thanks for posting this.
Anna,
Thanks for sharing that information. The more we keep up to date on this, the more people will benefit from the info.