Attacks Targeting Classified Ad Sites Surge

wiredmikey writes "Despite spam levels being at their lowest since March 2009, metrics released by the APWG indicate that cybercriminals are cultivating an array of alternative attack schemes, and in particular, increasing attacks on the online classified services sector with phishing attacks. Though the online payment services sector remained the most targeted industry with 38 percent of detected attacks in Q2, the classified ads services sector experienced rapid growth in phishing attacks."

Vector not relevent

All scams are essentially the same, regardless of how they are delivered.
Filtering them is a life skill.

Re:Vector not relevent

[countertrolling]

Exactly. Spam isn't down at all. It's just shifted over to something else. Something more akin to direct attacks on the infrastructure, as opposed to social engineering and user interaction that spam email requires.

Re:Vector not relevent

[jellomizer]

In the mean time when they are shifting they get a lot of people who are unaccustom to that new method

Re:Vector not relevent

[Fibe-Piper]

Exactly. Spam isn't down at all. It's just shifted over to something else. Something more akin to direct attacks on the infrastructure, as opposed to social engineering and user interaction that spam email requires.

Totally agree. The line between phishing and spamming may be blurred somewhat and the consequences or rate of apprehension is probably the same or similar.

If true, I doubt there is an incentive for people to sell the contraband enlargement pharmaceuticals when the payoff for a successful phishing attack would be much more lucrative

Re:Vector not relevent

[bobbinspenguin]

Exactly. Spam isn't down at all. It's just shifted over to someone else.

There, fixed that for you. Apparently I need a bigger penis :(

Re:Vector not relevent

[gilleain]

All scams are essentially the same, regardless of how they are delivered. Filtering them is a life skill.

True, but the scammers on gumtree (at least) that target flat adverts seem more sophisticated than the usual "DEAR BLESSED SIR..." 419 email scams.

I've now learned some simple - possibly obvious - indicators:

• Flat available from today (or yesterday in a few cases).
• Very low rent for the location, considering 'all bills included' and the amenites.
• A quite specific one, but strange phrases like "Take care of the flat as it is" (translation quirk perhaps?) or 'sumptuous'

Of course, the clincher was when they replied to my query with a request for a £500 ($810) a deposit by Western Union before seeing the flat. The excuse was "people waste my time by arranging viewings without the money to pay the rent" which is absolute bullshit - there's no way I would ask someone for a deposit without providing something (like house keys) in exchange. A quick google found the same MO in other people's warnings on forums

Less sophisticated, however, was the pair of posts that used the same image for the flat, but in different places in the city. Not suspicious at all, oh no.

Re:Vector not relevent

[stonewallred]

I personally would set up false job/career openings, tailored to draw decently paid professionals to submit a resume. Not ultra-high end folks, who would most likely be targeted by head hunters, but people making 65-90k a year or so. Get the resumes, do a little research, and then contact the best candidates for phone interviews. Use two different folks doing two interviews, then have a third person contact them as "HR" and get the pertinent data, SS numbers, full names, etc etc. Really smart folks would invest the time and energy to set up a "real business" a few years earlier, keeping some always going with press releases, news stories, etc. That way when Joe Sucker googles this company who is planning on hiring him, he will get some hits and see they been around a few years. Do it smart, hit 20-30 folks for each "opening", and quickly nail them for the most money possible using their IDs to take out loans and credit cards, and you could net an easy 100k just scamming 5k using each ones' ID. Could probably keep it going for several years before it became the "newest" scam to hit the TV screen also.

oh right

As someone that runs a forum and blog antispam system, I can tell you that spam levels aren't down at all on all platforms. Weve seen a massive influx of spam recently.

Dregslist Called To Say 'SHHHHHHHHH'.

[tunapez]

Dregslist thrives on this kind of flotsam, has for a long time. Anyone care to estimate how small they would be if they got rid of the ID thieves anonymously requesting resumes from the Jobs section, the fencers postng hot and worthless chit(my fav:Windows disks with used OEM keys) in the For Sale section, the rogue repeat posters who get away with posting the same ads 20 times a day every day of the week for products/services akin to spam subject lines, and, of course, there's the would-be far-away buyers who need your bank account number to transfer you the funds sitting in the wings.

I'd go out on a limb and estimate a good 50%- 65% of Dregslist For Sale, Jobs and Gigs are scams, dregs and/or repeats. How is this newsworthy other than the fact that Dreg is doing nothing to stop it while profiting hugely?

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[drinkypoo]

Ugh, you're not kidding. Amusingly the worst spammers in my area are the derelicts selling VW parts nobody wants at prices nobody can afford or will pay even if they can. They repost all their same shit twice a week and it clogs my google reader.

Re:Dregslist Called To Say 'SHHHHHHHHH'.

You, uh, you know that Craigslist doesn't charge money to put up an ad in the For Sale or Gigs sections, or even the Jobs section except in a handful of markets, right? If you're looking for a nefarious profit motive you're looking at the wrong company.

Now, it is true that they don't have the staff to weed out the crap, but you get what you pay for.

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[tlhIngan]

Ugh, you're not kidding. Amusingly the worst spammers in my area are the derelicts selling VW parts nobody wants at prices nobody can afford or will pay even if they can. They repost all their same shit twice a week and it clogs my google reader.

Twice a week isn't bad. Some of the worst ones do it daily or more often, enough to flood the useful postings off and make it impossible to find without having to dredge through the crap.

I believe it's done because it's really hard to filter out - it is a classified site, after all, so people do go through expecting to buy or sell stuff. Your wheat is my chaff and vice-versa. And there's no real solution to it either - there'll be people who are legitimately affected by any policies (e.g., post limits per day), and comparing by similarity just makes it harder to sell for everyone.

And that doesn't include those who post too all the surrounding areas that are an hour away...

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[timeOday]

I think it's a pity because I really like Craigslist - I like their attitude of keeping a clean, functional page, not clogging it with all kinds of links and ads all over.

And yet the *users* of craigslist are the typical dreck, and they're destroying the site. Last time I emailed about a laptop that looked like a good deal, I got a response that "gosh, it just sold to a nice couple, but I originally got it at this great auction site xyz.com for even less!" Between all the scammers, and those who are simply too lazy to answer their email or taken down a listing after something has sold, it's hardly worth it for anything smaller than several hundred dollars.

Ebay is sort of the opposite (hyper-monitizing, expensive to use, cluttered pages, sometimes heavy-handed paypal policing) - but at least auctions end at a specific time, and if you buy at a fixed price, the item actually exists and does show up at your door (IME, YMMV). Maybe Craig Newmark is just too nice a guy.

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[MrEricSir]

Sir or madam, my name is Prince Natobe and I need you to help my family send $100,000 to my daughter in Nigeria. If you could help launder... I mean "send" the money, you will be paid 10%. Thank you.

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[stonewallred]

I advertise HVAC/R services on Craigslist all the time. Free and only takes a minute or two. And I usually get at least a call or two a week. Which is the best ROI I have ever had for any advertising. Of course it helps that I am willing to advertise my prices for labor and the prices of refrigerants and common services, which the industry frowns upon around my neck of the woods. Protip, when you need "freon" in your system and most companies are selling R-22 for $65.00 a pound, and Billy Bob's HAVC Services is selling it for $40.00 a pound, he is not selling stolen refrigerant, nor used refrigerant. He just decided that $40.00 bucks a pound, plus labor, plus travel charge was a good return. Especially since a 30 pound jug of R-22 was $164.00 Friday when I grabbed another jug from the supply house. Yeah, they rip you off that much. Costs ~$5.00 bucks per pounds, and sells for a minimum of $40.00 (I was working for a company 12 years ago that was selling R-22 for $48.00 a pound then, with a 30 pound jug costing ~$60-65 bucks a jug.)

Re:Dregslist Called To Say 'SHHHHHHHHH'.

[tekrat]

You mean, you're not willing to pay $100 for a rusty, bent fender? It's RARE. And I'll bet you're looking for recent VW parts.

Try aircooled, "vintage" beetle pieces. You'd think they were made of gold. And yet, beetles can still be found in just about every junkyard from coast to coast.

Not surprising

I posted a car for sale on CL and got several phishing attempts, and a few other suspicious emails.

One was a pretty standard, if rather convincing, craigslist login phish. One was actually rather interesting--the person asked what the insurance would be on it and suggested that I use a certain site to estimate it. The URL looked suspicious so I didn't bother but I'm sure it would have asked for my personal data had I continued, and I'm sure it would have ended up in some scammer's database.

I also got lots of emails that were from one address but asked me to reply to a different address, which raises all sorts of red flags--I assume the scammer knows that his first email account will be closed due to abuse and therefore wants to use a second account that is less likely to get closed when they talk to marks.

While CL lets you hide your email address for posting it doesn't really help much: You still have to reply to emails to sell your item, and then they can see your address easily. Including only a phone number might be safer, but it probably has its own risks that I haven't thought about yet.

I never did manage to sell that car.

Yes

[n_djinn]

Yes hello, I came across your advet and would like to know if said item is in good condion and still available for purchase. I am at this time currently traveling abroad and would be buying for my cousin as a gift who lives in your area. May I have you social securit number and bank account? I will arrange for currior pick up.

Re:Yes

[toejam13]

Roughly half of the emails I receive for stuff I post in their for-sale section come from bots. I assume that they're trying to harvest email addresses for spam since Craigslist don't use a double-blind system. Almost all make no mention of the product in the body of the email and instead use a generic "is this item still available?" body.

These days, I add a statement to my postings that inform people emailing me to add the line "I'm not a bot!" or "I see purple people!" to the subject line of their email. Even if they're not a bot, I figure that if they can't follow simple instructions, they're not worth the time or effort to deal with.

Monster and Carreerbuilder

It's not just on these types of classified ad sites. If you've ever gone looking through the job postings at Monster or Careerbuilder in the IT area, almost every job posting is an agency, a recruiter, or an online school.

I especially like the ones that have the "You agree that after submitting your application, if your skills are not sufficient for the job description, you agree to accept our calls to offer applicable training."

IF only there was a filter to Exclude "Robert Half" and "Cybercoders" the list of IT jobs would be 1/4 of the current size.

You don't use it much, do you?

[rusl]

Or maybe you're looking at the sex ads? I look at the sex/personal ads too from time to time, I've never acted on one but they are interesting to observe. Anyway most of those are fake.

But otherwise I don't see much fake stuff. Lots of people sell tools and electronics, stuff for parents. It's a great free system and craigslist is very altruistic to do it without fees (except in NY or something like that?). You just hate craigslist and you don't use it much because you don't know what you are talking about. Obviously it doesn't work for everything (the catagories you mention)

I do find that calling and emailing back and forth to arrange viewing an item then picking it up is quite time consuming. It gives one an appreciation of the value of retail space and the premium we pay for it. It would be a very sad day if craigslist were overcome with spam.

I do think it varies by location too. In Vancouver, BC I think there was less spam than in Eugene, OR which is interesting because Eugene is a lot smaller but I think the spammers target the USA slightly more. (we have some spam too)

they tried to get me recently

[ruebarb]

tried to sell some pokerchips on Craigslist - got a generic email asking me to verify the item I was selling was identical to the one in the video link the person sent to me (from a random hotmail account) - decided to keep the poker chips and not click the link

ah well -

rb