Craigslist Listing Flagged – Phishing Example

Yesterday we posted on how craigslist is a prime phishing target. Today we have a couple of new examples. The subjects we’ve seen so far are about cars:

Subject: 2005 Pontiac Grand Prix GTP Sedan

Subject: 2006 Nissan Altima SE

In both cases they’re after your craigslist account.

Both messages come from zombied AOL accounts masquerading as gmail addresses:

From: <greenx420@gmail.com>

From: <marytaylorbooks@gmail.com>

There are probably more variations of subject and “From:” address in this campaign, and we’ll post any more that we see. If you’ve seen any we don’t list, feel free to add them in the comments.

The message bodies both look like this:

** CRAIGSLIST ADVISORY — AVOID SCAMS BY DEALING LOCALLY
** Avoid: wiring money, cross-border deals, work-at-home
** Beware: cashier checks, money orders, escrow, shipping
** More Info: http://www.craigslist.org/about/scams.html

Listing flagged

http://kpr.craigslist.org/ctd/2029223132.html


this message was remailed to you via: sale-57uuc-2029223132@craigslist.org


They start with the usual craigslist advisory at the top and then proceed to let you know your listing is flagged. This creates urgency in your mind so you’ll fall all over yourself to click the kpr.craigslist.org link without paying attention to what it actually links to.

The links in both examples have the same link text:

http://kpr.craigslist.org/ctd/2029223132.html

but they link to different directories on the same hacked domain:

www.tanglewoodkennels.com/422795/index.html

www.tanglewoodkennels.com/41632/index.html

As of this writing both links are still active and contain a fairly crappy fake craigslist login site to help you hand over your craigslist username and password.

Again, if you see any different examples please post them in the comments.


One Response to “Craigslist Listing Flagged – Phishing Example”

  1. Paul Greathouse says:

    Another post for Craigslist is

    PLEASE KEEP THIS EMAIL – you will need it to publish and manage your posting!
    I received this and almost fell for it.
    Paul