The FBI's Internet Crime Complaint Center (http://www.ic3.gov) has issued a new warning that is both interesting and timely. Specifically, the FBI says it has "seen an increase in cyber criminals who use online photo-sharing programs to perpetrate scams and harm victims' computers."
The warning is given in a specific context: victims using the web to price or buy automobiles, sometime utilizing online auction sites.
"These criminals," says the FBI warnings "advertise vehicles online but will not provide pictures in the advertisement. They will send photos on request. Sometimes the photo is a single file sent as an e-mail attachment, and sometimes the victim receives a link to an online photo gallery.
"The photos can and often contain malicious software that infects the victims" computer, directing them to fake websites that look nearly identical to the real site where they originally saw the advertisement. The cyber criminals run all aspects of these fake websites, including "tech support" or "live chat support," and any "recommended" escrow services. After the victim agrees to purchase the item and makes the payment, the criminals stop responding to correspondence. The victims never receive any merchandise."
The FBI urges consumers to protect themselves when shopping online. Here are a few tips for staying safe:
- Be cautious if you are on an auction site and lose an auction and the seller contacts you later saying the original bidder fell through.
- Make sure websites are secure and authenticated before you purchase an item online. Use only well-known escrow services.
- Research to determine if a car dealership is real and how long it has been in business.
- Be wary if the price for the item you'd like to buy is severely undervalued; if it is, the item is likely fraudulent.
- Scan files before downloading them to your computer.
- Keep your computer software, including the operating system, updated with the latest patches.
- Ensure your anti-virus software and firewalls are current - they can help prevent malware infections.
Finally the FBI says "If you have fallen victim to this type of scam, file a complaint with the Internet Crime Complaint Center.
This FBI warning is given in the specific context of online auto buying. But the warning can be applied in a broader context, and one that is especially relevant to young people - malicious code embedded in photos.
In most cases, embedded images in email are just as they appear: photos from friends and family and other folks you know. Or sometimes you get an email or twitter message offering you an unusual or juicy photo. You can't resist so you say yes, and the photo shows up and looks like it was advertised - the cute puppy or kitten, etc.
But hidden in that photo, not visible to the human eye is a virus or other malicious code. For years now it has been a relatively simple exercise to hide a virus or malicious code in an image that has a filename ending in .jpg or .gif. So you have to be extra cautious.
Most young people know not to open a downloaded file ending in .exe unless they are absolutely sure of its source - and their best friend is not a reliable source because their computer might be infected. But opening an image file seems innocent enough. But beware.
Today, many email programs allow you to preview an image in the email instead of automatically downloading it onto your computer. Maybe the preview is enough and you won't have to download the actual file. Previewing will warn you if the supposed image is not a image, and you can move on without ever having to download it.
Finally, you should be using an anti-virus program that automatically scans all downloads, including images, and will strip out a malicious code or else will quarantine the image before it reaches your computer and its operating system.