Car shopping online? Beware 'pic sent upon request' ads, FBI warns of malware with photos

If you’ve spent any time browsing Craigslist, then you’ve surely come across posts promising to send photos upon request. If the user says to “text” them regarding questions, then it always struck me as odd that he or she didn’t include even one free-to-post picture taken with their cell phone. Well now it’s buyers beware, warned the FBI, as vehicle sellers are sending the “requested” photos packed full of malware. No the feds didn’t single out Craigslist, but folks looking for a “steal” on an automobile often know that Craigslist is great place to go.

Car shopping online? Beware 'pic sent upon request' ads, FBI warns of malware with photos

For people planning to buy a car online, the FBI said cyber criminals are busy with scams, “posting ads on the Internet without pictures, providing photos only upon request. Sometimes these images are sent as attachments, other times as a link to an online gallery—but in either case, the photos can and often contain malware that infects the victim’s computer.”

This could easily be a vehicle purchased from an auction site. The malware directs potential buyers to a spoofed site run by cybercrooks, a website “that looks nearly identical to the site where the ad was originally seen. When the victim agrees to purchase the item and makes the payment, the criminals stop all correspondence, and the victim never receives the merchandise.”

The FBI urges people to be cautious and do a little research before buying a car online. Find out if the dealership is even real and how long it has been in business. If the price is way below Blue Book then keep in mind there is a reason for the saying “too good to be true.” The FBI warned, “Be cautious if you lose an online auction but the seller contacts you later saying the original bidder fell through.” The feds offer safe shopping tips like making sure you are only buying over secure and authenticated websites and to stick with “well-known escrow services.” Keep your computer OS and other software patched; be sure you are running updated anti-virus and a firewall . . . and use them to protect yourself. Also be sure to scan any downloads.

That bit of advice was for people shopping online for vehicles, but it is wisdom that applies to anyone shopping online for anything. If you are hooked on online auctions, then you should also be wary of sellers who do include a picture with a tiny disclaimer at the bottom such as "be sure this auction listing is for all things in the image." It’s not a big deal to add an image to an auction, so that seems phishy right off the bat. You might want to look for another listing. If you are pretty good at spotting scams, and are really bored, then you might do other buyers a good turn, random acts of kindness, by periodically running through eBay and Amazon and reporting scammers’ listings.

Online grocery shopping

If you’ve ever dreaded the fact that you need to run by the grocery store, Amazon is planning to roll-out an online grocery store. That has businesses such as Walmart “testing same-day and next-day delivery of online grocery and general merchandise orders.” Other stores selling food may choose to compete by using "Click and Connect," which is currently the strategy of “Harris Teeter, a food and pharmacy chain on the East Coast of the United States. Customers order food online and choose a time to pick up the produce from designated areas outside the company's stores. There is a $4.95 service fee for this.”

Windows shopping to be real shopping

Meanwhile, eBay intends to turn window shopping into real shopping this month by “launching virtual stores called ‘shoppable windows’.” For starters, four screens will open in “busy parts of New York City” to help sell the fashion brand Kate Spade Saturday. Reuters reported:

The new screens measure about 9 feet across and 2 feet (0.6 meter) high and will appear on the front windows of closed stores. Shoppers will be able to touch the screens to order and have products delivered to them within an hour via courier. Payment will be accepted by the couriers through PayPal Here, a mobile payment service developed by eBay. 

We are inching ever closer to the Internet of Things when your refrigerator really will be able to place its own order to restock perishable food. Speaking of all manner of things that are plugged into the Internet, but that don't need to be, and the cybersecurity headaches that can produce...

China says we're stupid for keeping weapon system designs online

Huang Chengqing, the director of China's National Computer Network Emergency Response Technical Team did not deny US reports of Chinese hackers compromising the designs for more than two dozen major weapons systems. Instead, Chengqing "suggested that if the US government wants to keep weapons programs secure, it should not allow them to be accessed online." He said, "Even following the general principle of secret-keeping, it should not have been linked to the Internet." He also claims to have "mountains of data, if we wanted to accuse the US, but it's not helpful in solving the problem." President Barack Obama will meet with Chinese President Xi Jinping this week; cyber espionage and nation state hacking are some of the cybersecurity topics expected to be discussed.

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Windows 10 annoyances and solutions
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.