Fake Craigslist Emails Lure Unsuspecting Victims to Sites that Push Malware

Gallery Icon

bill-swift - June 15, 2012

People use Craigslist for a lot of stuff. You can sell virtually anything, from books to cars to apartments and even houses. You can find someone to hook up with in the classifieds, or even get a job if you recently got fired.

Given the site's popularity, you can also expect a huge legion of scammers trolling the site, posting bogus ads and sending fake emails to try and lure unsuspecting victims into scams and malware-infected websites.

Researchers from Websense have reported that they have come across over 150,000 emails containing links to compromised sites that are hosting the Blackhole exploit kit. These kits take advantage of unpatched exploits to hack into computers and install malware.

The subjects of these emails are patterned after how Craigslist sends off confirmation emails after someone posts an ad. Some of the scam emails are headlined with the following subjects:

POST/EDIT/DELETE : "Models for fine" (systems / network)

POST/EDIT/DELETE : "Studio4PaintWorkCatskills" (education)

POST/EDIT/DELETE : "Show Your Art" (cars+trucks)

The messages copy Craigslist's confirmation emails as well, but the links in the message don't point back to Craigslist. Instead, they lead to Wordpress sites that hides an iFrame redirection code that leads them off to compromised sites that are serving the Blackhole exploits.

The kit tries to exploit Adobe Reader, Adobe Acrobat and Windows Help and Support Center vulnerabilities on the user's machine. When it does find one, the kit then proceeds to inject malware into the computer--and that's when the bulk of the trouble begins.

When you receive suspicious-looking emails or unexpected notifications, hit the spam button and delete the messages from your inbox. It's better to be safe than sorry, especially in cases like these. Make sure you've got an anti-virus program installed on your computer and keep it updated to stay protected.

Tagged in: gear ,

Disclaimer: All rights reserved for writing and editorial content. No rights or credit claimed for any images featured on unless stated. If you own rights to any of the images because YOU ARE THE PHOTOGRAPHER and do not wish them to appear here, please contact us info(@) and they will be promptly removed. If you are a representative of the photographer, provide signed documentation in your query that you are acting on that individual's legal copyright holder status.