Scam Tells.

3.22.2010

I posted an item up for sale on Craigslist, and was excited to receive this email the next day:

From:     Michael Haishkarem
Re:       Re: [exact title of the item I posted]

Hi,

saw the Ad you put up on craigslist titled - "[exact title of 
the item I posted]" and I'm quite interested in purchasing this 
but I am not too confident if it's the similar type that my cousin 
is after. Here's a demo that I was able to cpy from my brother's 
computer URL1 or try URL2. Can you please confirm its the similar 
kind and get back to me as soon as possible. I'm ready to pay a 
little more than what you put on for sale as long it matches the 
Vid description and you can put it on hold for me.

Kind
Regards
Sonya.

After a few seconds of thought, I decided that this was a scam; probably a computer generated phishing attempt. Note the following hallmarks:

  • Several personal details (the cousin, the brother) intended to make the email seem more personal and authentic.
  • A generic email that could easily be re-used for other postings. The email title and item mention in the email body were what I had posted for the item; verbatim. These were clearly scraped right off of my Craigslist posting. And there was no other mention of the item in the email.
  • An appeal to the victim's greed. "Oh, you'll pay me more if I click these links?"

The two URLs were hot linked to a URL shortening service. I turned off cookies and JavaScript in Chrome and visited the site. I got no source code, but I'm willing to bet that it would have installed some malware had I visited the site without protection.

Permalink

Tags: paranoia psa

Authorized users may log-in to leave a comment.

Last Blog: IE8's Compatibility Mode.

Next Blog: Opera Mini on the iPhone.

If you want to learn more about glass fusing, check out Bullseye Glass's online video kilnforming lessons. They have a few videos available for free!