Posts Tagged ‘craigslist’

Account Update Notice – Craigslist Fraud

Monday, July 11th, 2011

While spam volumes may be down, the Phishing fraud’s continue in high volume with Craigslist.org users being highly favored targets.

Look for these spam emails to trap unsuspecting users:

Subject:     Account Update Notice
From:     “craigslist” <help@craigslist.org>

While they spoof  “help@craigslist.org” as the sending address, most that we’ve reviewed have come from various hijacked Earthlink accouts:

from elasmtp-banded.atl.sa.earthlink.net ([209.86.89.70])
from elasmtp-scoter.atl.sa.earthlink.net ([209.86.89.67])

Here’s a complete copy of one of these “Account Update Notice” frauds:

more »

Listing limitation – Craigslist Phishing Example

Monday, November 8th, 2010

Here’s yet another example of how frequently craigslist accounts are a phishing target.

Craigslist phishing often relies on the fact that a lot of people have listings up on craigslist.org at any given moment. This gives  the phisher a larger pool of targets that might actually believe there’s a problem with their account.

In this case they’re claiming that your account is “ON HOLD”. more »

Craigslist Listing Flagged – Phishing Example

Thursday, October 28th, 2010

Yesterday we posted on how craigslist is a prime phishing target. Today we have a couple of new examples. The subjects we’ve seen so far are about cars:

Subject: 2005 Pontiac Grand Prix GTP Sedan

Subject: 2006 Nissan Altima SE

In both cases they’re after your craigslist account. more »

Craigslist – Prime Phishing Target

Wednesday, October 27th, 2010

One of the online communities most frequently targeted for phishing is craigslist.org. This is primarily because, as their about > help > spam page puts it, email is “integral to the functioning of craigslist”. Because of this, craigslist account holders are used to seeing a lot of email from craigslist. Seeing a lot of email from the same source leads to complacence.

Spam and phishing emails count on you to automatically trust the purported source and click the links. Which is why you need to know how to spot them. more »

Entry Level Spam Position Available

Tuesday, January 19th, 2010

Just saw a post over at The Consumerist about a spammer that forgot to supply data for their mail-merge:

I got this spam recently. Looks like our spammer forgot to fill out his form fields! “Whatsup My parents are from #CSVFIELD(3)# too! Are you 100% sure you wish to get rid of this #CSVFIELD(2)#?” I love how vague and modular it is, it’s like spam madlibs!

We see this all the time and didn’t think to mention it. Sometimes we forget how jaded we are about this stuff.

The message above exemplifies two very common spam phenomena:

more »