I listed an item on Craigslist this morning. This is not my first time selling there and I have been approached by various scam artists in the past, but this is the first time I have encountered this particular attempt and wanted to pass it along.
I received a text from someone telling me that they want to purchase an item for their boyfriend and asking me to click a link to view the image of what they were looking for to see if it was the same as what I was selling. The link took me to a webpage for public image sharing – www.imgkey.org. Once there I was asked to download a GIMP plugin to view the images. GIMP is an open source (free) image editor that I have used before and the link looked legit but my suspicions were aroused and I did some snooping in regard to imgkey.org and found out that the link is a Trojan virus download. The imgkey.org url was just registered on May 27, 2013 – 6 days before I got the link so evidently this is a new way for them to distribute this virus.
Just another lesson in never blindly clicking a link that someone emails (or texts in this case).
URLs to stay away from – imgkey.org and gimpsoft.org. I’m sure that the culprits will just find other domains to use, but hopefully this will save someone or more the grief of a virus.
On a side note – If you are looking for a free image editor, GIMP is a decent option. Just download it SourceForge.net through their official download page – http://www.gimp.org/downloads/
If you want additional information about protecting yourself when selling on Craigslist, this book – How to Buy a Used Car A Guide to Avoiding Craigslist Scams & Lemons – has some good practices to follow.