



How to stick it to Craigslist scammers

Jan 27, 2015 · 6 mins
Data and Information Security, Security, Social Engineering

Now for something completely different: Here's how to avoid getting scammed on Craigslist and have fun in the bargain

Mark, one of my good friends, is best described as a fun-loving, good-natured, South African pirate. Like cult hero Captain Ron, he has few enemies and is loved by nearly everyone — except for Craigslist scammers.

Mark is a deal-maker, a buyer and seller of many objects, quite often on Craigslist. I paid $1,000 for my used kayak; he bought three great-looking kayaks for $200. When he offers an item for sale, almost always the first people to reply are scammers. Even if they aren’t first, they’re always the most aggressive.

But instead of ignoring or reporting their inquiries, he wastes as much of their time as he can. He figures if they’re going to eat up his time and possibly bilk people successfully, anything he can do to slow down or frustrate them has to be good.

This isn’t a completely new idea. Brian Krebs’ best-selling “Spam Nation” reveals that some antispam groups routinely respond to spammers with fake inquiries to burn fraudsters’ time and money. The spammers go to great lengths to verify “real” buyers and often end up canceling real sales.

To be clear, I don’t recommend this practice — there’s real risk attached to making scammers mad. This will never stop Mark, however, who loves to regale dinner companions with colorful stories about his adventures.

Fun with miscreants

What’s Mark’s modus operandi? Here’s a transcript of an actual email exchange. First, Mark posted a radial saw for sale on Craigslist for $500.

Scammer: Hello, what’s the best price for the 16-inch radical arm saw (Dewalt) — $500?
Mark: $1,000
Scammer: Is the price firm and the condition good?
Mark: Yes, price is firm unless I get higher offers before you pay and the condition is not so good.
Scammer: Great. I’ll be glad to buy from you. Pls provide me with your name to make your certified check to in payment for it. Also provide the mailing address to have it delivered in mail tomorrow. Pickup arrangement will be made after check is confirmed clear at your bank. Looking forward to do business with you.
Mark: OK, just so you know, the truck that picks it up has to have a forklift, 2 stank hooks, and a clift bar in order to get it on the truck.
Scammer: That’s OK, will make the necessary arrangement for pickup.
Mark: I need confirmation from your shipper that they have the necessary equipment.
Scammer: Yes, just confirmed.
Mark: Sorry, that was too quick. I need written confirmation from an actuarial warranty accountant that the equipment can handle the load and configuration.
Scammer: I will send you check, OK? Just send me your address. I will send you check for $3,000, you deposit and keep $1,500 (an extra $500 for your trouble), and then send the other $1,500 to my shipper via Western Union, after my check clears.

Mark sends the scammer all bogus information, often including the address of the White House, Scotland Yard, or some other famous address, along with the personal details of James Bond, Sherlock Holmes, and so on. The scammer sends a “certified bank check” that he hopes Mark will deposit in his bank.

Most people think the “check” clears simply because the bank accepts the check deposit. The scammer hopes the person deposits the check and sends the extra amount (real money from the victim’s bank account) via Western Union. A few days later the bank voids the bogus check.

If you fall for the scam — Mark isn’t done having fun yet. A few days later, the scammer checks in:

Scammer: Did you get the check?
Mark: I just moved. Can you send to my new address?
Scammer: [Usually no reply for minutes to hours] Yes, what is your new address?

Mark sends them another bogus address, sometimes asking for the check to be sent via certified mail to waste a little scammer money.

Scammer: Did you get the check?
Mark: Yes, thank you. Unfortunately, I ran out of money and had to spend the money you sent me. I also sold the radial saw. Someone else offered me $4,000. But if you send me another $2,000 for my $6,000 18-inch radial saw, I will give you the amount I owe you. Plus I just moved again, but this time I think I’m staying. My Internet access is sketchy, so we may have to use regular mail for future communications.

And so on. Mark is able to get these scammers to participate for weeks and weeks, each day getting them more frustrated and angry. I know what Mark does isn’t terribly productive, but his antics have probably persuaded a scammer or two to find another line of business.

Telltale signs of fraud

Too many Craigslist users fall for these scammers and become victims. The general rule of thumb: If the deal is too good to be true, it’s too good to be true. Here are some common markers that buyers or sellers are not who they seem to be.

Eagerness to pay full price plus shipping. Not only is the buyer willing to pay full price, but he or she offers to pay for shipping — to a foreign country, typically. Plus, they fail to ask specific questions indicating they actually know about the product they’re buying. Instead, you get: “Is it still for sale?” and/or “Is it in good condition?” Not sure whether it’s a scammer? One thing is for certain: If they offer to overpay for the product, you have a scammer — no one in their right mind would do that. Short of that, you can try raising the price, because scammers agree to everything.

Use their resources, please. Scammers want you to use their shipper, their escrow agents, and so on. If they offer up an escrow agent, see if they’ll take PayPal or an independent, reputable escrow agent instead. They usually won’t. Don’t be fooled by escrow agents or payment methods that seem legit. They aren’t.

Offsite emails. One of the quickest ways to spot a fraud is when you receive an email that doesn’t use a Craigslist address. Scammers want to get you off the site before anyone notices the fraud.

Instant pinpointing of the closest Western Union office. A great giveaway is the speed at which the scammer reveals your proximity to the nearest Western Union site after you complain one isn’t close by. Or you may be instructed to buy e-money cards from Walmart and similar stores. Scammers are always prepared to identify money sources because they have the location-finder ready in their browser. A regular buyer doesn’t do that.

Job scams. If someone advertises a high-paying job that allows you to work from home and doesn’t require experience, the perp may well be in the identity theft business. Sadly, such jobs don’t exist.

I wish Craigslist and others did a better job stopping the scammers. It’s not hard to spot them since they all seem to use similar methods. Until they come up with a better antiscam engine, you’ll simply have to beware. Alternatively, if you know what you’re doing, you can be like my best friend Mark and have a little fun.


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.
