A recent Craigslist scam attempts to trick its victim into downloading dangerous spyware. This is done by an invitation to see if videos match products that they’re marketing. This scam further illustrates the need for caution when using the famous online classifieds service. Over the years, Craigslist has expanded to over 20 billion page and scams can be common. The majority of Craigslist transactions are honest. But the sheer volume of transactions can present occasional danger.
This latest scam involved an individual who was selling items on Craigslist prior to moving. He received a reply to one of his Craigslist ads. The reply requested that he check a video on a site to confirm the exact identity of the item he was selling. The message contained a link to the video. The sender stated that he would buy the item if it was the one depicted in the video.
Once the individual clicked on the line, he was taken to the scam website. There, he was prompted to download the software so that they could “view” the video. The download actually consisted of malware. The malware would then take over the computer. Once this occurred, unwanted ads would continuously pop up. There was also the possibility of sensitive personal information from the victim’s computer being sent back the malware originator.
Uninstalling malware and returning everything to normal is difficult. In this case, the scammer did provide instructions on how to remove the malware. For those who have become a victim of this particular fraud, they would need to recall the name of the host site. They would then need to key that name in and follow it with: /movies/uninstall.html.
However, the best thing to do is to just not fall for the scam.
Another recent Craigslist scams involved a request for a potential buyer to leave their phone number. The pretense is that the potential “buyer” would call back later in order to transact business. However, the phone number is used to make expensive premium calls which become the responsibility of the victim.
The majority of other Craigslist frauds are phishing scams for identity theft and advance payment scams. Advance payment scams are also known as Nigerian scams. In a standard Nigerian scam information and money is requested in exchange for a large sum. The information, that is “needed”, can include bank account numbers, phone number and other personal data. Advance payments will also be request to cover miscellaneous bribes, fees, taxes, etc. Craigslist phishing scams will make an attempt to get personal data for the purposes of identity theft.
Here is a recent variation of an identity theft scam. In London, a person wishes to rent an apartment. She is fooled into thinking that she is dealing with an actual apartment owner. The scammer tells her that she doesn’t need to send him an advanced payment. This tactic is designed to establish trust. But the scammer tells her a tale of past problems with payment. So he suggests that the victim send $2500 to a relative or friend of her choice. This will prove that she has the money to pay for the apartment.
But the scammer also requests a copy of the payment transfer as proof of the payment. Shortly thereafter, the scammer shows up at the Western Union office while assuming the identity of the person that the money was sent to. He then collects the $2500. Here, it’s not made clear if Western Union paid out on a copy or if they were duped into thinking that it was an original. An investigation is being made. The lesson here is that not only should you send electronic payments to strangers, but you should not send copies, either.
Two main rules for avoiding Craigslist scams include never handing over financial and confidential information. Additionally, don’t believe something that sounds too good to be true.