Hi! I am slightly freaking out. I run a business where I DO need photos from customers and they send them via Etsy for my custom work.

I received a weird message about needing rainbow ornaments, etc etc. They sent an image (PDF file), as an attachment via Etsy Messenger. I opened it because again, this is not unusual for my business. As soon as I read the image I knew it was a scam. I told them I won't be opening it (they said they're on vacation and can't access files etc etc) and reported it as spam. 
I just changed my Etsy password and have text verification on for logging in. Am I at risk for opening the image they sent? I wasn't sure if Etsy had a built in scanner to protect sellers. I am terrified. The file name I could see once I clicked it was a "cam scanner" generated PDF. To my knowledge from a quick google, this seems to be an app that allows people to create PDF files. I need to know if I am at risk just for opening that file. PLEASE HELP!

My turn today. Got a message yesterday asking for discount and asking how many of a certain item I had. I was suspicious from the start but just gave a polite 'sorry no discount' response.

Today they're back with a sob story about how another seller let them down and please don't tell them to just add what they want to the basket, with a PDF detailing everything they want.

Obvious scam but leaving this here as a reminder to others.

I've had people send me 'spec sheets' or links to spec sheets several times. I used to get excited because they implied they wanted to buy a lot of items. My antivirus/security program would warn me about a risky site or the file. I'd message the person letting them know that I was unable to access the information ... and usually would never hear back. When I did hear back it was never with an offer to provide the information in a safe manner. So no gain but no loss. But I do think its a good thing to warn sellers about this scam.

Sigh.

@WantableDesigns "Today they're back with a sob story about how another seller let them down and please don't tell them to just add what they want to the basket, with a PDF detailing everything they want."

Yes, I had that one last night. Moved to spam. I do wish there was a more definite 'report phishing' button, I know Etsy apparently looks at the Spam folders, but it feels a report would move stuff sooner. Also, if there is a rush of the same type of scam going around it would be good if it appeared in the dashboard.

Well Kudos to Etsy I guess. The messages I received and marked as spam are totally gone, even from my spam folder. Other messages I've marked as spam in the past are still there so it looks like Etsy has removed the 'person' from the site.

I had one of these recently too - reported as spam but the messages are still there. Very persistent, wanting me to open a pdf to look at a 'product' (no details even when I asked for them, and I could see the thumbnail of the file bore NO relation to what I sell). On a busier day I might well have clicked on it without thinking...

There are various types and variations of scams on the internet.  I'm going to post this list again of Red Flags to watch for.  Hopefully it will help other sellers.  Once you hit 3 or more red flags, shut down the conversation.  

1. New seller
2. High dollar item or large sale amount
3. They want to take the conversation off Etsy
4. They want to take the sale off Etsy
5. You go back to their account, and it's gone
6. They ask if something is "still available" when it's obviously for sale in your shop
7. They ask about the condition of an obviously new item
8. They ask if you are honest
9. They send you a link to a "Shopping List" of items they want, or a custom design they want.  DO NOT CLICK ON THE LINK
10. Odd language
11. There is some urgency, such as a birthday or anniversary
12. They claim they are in the Navy, an oceanographer, on a cruise ship, on a research vessel in Antartica
13. They claim they cannot check-out through Etsy due to their location
14. They claim your Etsy checkout isn't working, and they send you a link to "fix it"  
15. They ask you to buy a high dollar gift card and include it in the order
16. They claim you need to buy a high dollar pre-paid Visa or American Express card to get your Etsy account working
17. They claim they are Etsy and and want to to buy a pre-paid gift card or click on a link to get your account approved
18. They will pay you extra for the inconvenience
19. They claim to have their own shipping company or pick-up agent
20. They claim an uncle is paying
21. They want to pay by money order or Cashier's check
22. They send you payment for far more than the order total
23. They want you to send the overage through Western Union, Venmo, etc.
24. They send you a (fake) PayPal email that says PayPal will release the payment after you send them the overage.