When I logged into my email today I received an alert about my Craig’s List account saying that it had been suspended. I had posted a few things for sale and a couple of services recently, so I was unsure what the alert was about. The alert claimed that I had recently posted the same content in more than one city and/or more than one category. I knew that I had not done this, so I was immediately suspicious. The alert showed the “craigslist” name in the header, but the actual address was from a completely different location. Furthermore, the alert was a “png” picture file and was not typed out, although it did look like a typed message. The entire picture was a link to some unknown address. Just for fun I clicked it. I don’t recommend that anyone else do this, but I already knew that something was wrong.
The link took me to a page that appeared to be an official Craig’s List page but the address in the address bar was completely wrong. The page was asking me to sign in and to confirm my account in order to raise the suspension. After carefully looking over the address and viewing the source code of the page it became painfully obvious that this was a phishing page.
A phishing page is set up by an attacker to look like an official company page or social networking page. It uses the graphics and text commonly found on the real pages it imitates. The goal is to get you, the user, to sign in to “correct an issue” or “confirm your account information” that the phishing notification claims exists. The notification may arrive as an email, or a redirect link may be planted on the main page of a social network or company site to fool you. Once you sign in, the fake page collects your credentials, typically your email address and password. With those, the attacker can take over your account and post spam or other content in order to harvest the credentials of other users.
It is a simple trick that does not require much skill or thought, but you would be amazed at how many people actually fall for this scam. Once you log in, the page redirects you to some other official-looking “thank you” page or back to the main site you thought you were logging in to. Once on the main site, you are not logged in. Strange? Indeed it is, but that is your first clue that something just happened. If you find yourself in this situation you should immediately change your password and report the original email and/or notification to your account administrator. Also make a note of the URLs used and send them along with your report to your email provider or to the site that the notification impersonated.
I logged in to the phishing site using fake credentials in order to see where the links went. I collected any information I could about the site and notified Craig’s List and my email provider. Within 24 hours the site was removed and the links no longer worked. Beyond that, and something I didn’t anticipate, Internet Explorer also started blocking the links with a warning that claimed the site was not considered safe. This was a welcome sight, and it let me know that most companies are working hard to combat this kind of scam.
If a scam operator steals a social network user name and password, they may use your credentials to post bulletins, send emails or post comments on your friends’ pages. They may not change any account information, and you may still be able to log in, but in some cases they lock out the account holder and abuse the site’s terms of service under your name. Use caution when browsing pages, reading emails and networking with your friends. You might think you are in contact with someone you know when in reality it is a spam operation run by a scam artist who took over the account. If you think a friend’s account has been hacked, contact them by phone or through another account they might have, especially if you have been receiving strange comments or spam-like emails from them when that was not the case before.
Create a list of passwords and keep it in a safe place that is offline. Ten or so passwords should be enough, and if you create passwords that are hard for others to guess but easy for you to remember, your accounts will be safer. Change your passwords often and at random times, or immediately after “something strange” happens with your account.
The best way to avoid being hacked or phished is to take note of the sender address and the link destinations included in the notification. If in doubt, log in from the main address of the account in question; in other words, type the site’s address directly into the address bar. Log in as you normally would and check to see if anything is wrong with your account. Chances are that your account will be completely normal and there will be no mention of any of the issues raised in the phishing notification. If so, report the notification directly to the associated site and/or email provider, and make sure you send along a copy of the notification you received.
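The two checks described above (the sender’s real address versus its display name, and where a link actually points versus where it claims to point) can be automated for an HTML email. The following is an added example written for this post, not code from the original article or from any site it mentions. It assumes that craigslist.org is the only legitimate domain for the brand; the sample email, sender address and look-alike hostnames are constructed for illustration.

```python
"""Added example (not from the post): flag an HTML e-mail whose sender address or
link destinations do not belong to the brand the message claims to be from.
The sample message, sender and hostnames below are constructed, not real."""
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Brand -> registrable domains that legitimately host its pages.
# Anything else that invokes the brand name is treated as suspect.
BRAND_DOMAINS = {
    "craigslist": {"craigslist.org"},
}


def host_belongs_to(host, domain):
    """True only if host IS the domain or is a subdomain of it.
    'craigslist.org.example.net' does not qualify: the real domain is on the left."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


class _LinkCollector(HTMLParser):
    """Collect every <a href> with its visible text and whether it wraps an <img>."""

    def __init__(self):
        super().__init__()
        self.links = []  # dicts with keys: href, text, wraps_image
        self._current = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._current = {"href": attrs["href"], "text": "", "wraps_image": False}
        elif tag == "img" and self._current is not None:
            self._current["wraps_image"] = True

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self._current["text"] = self._current["text"].strip()
            self.links.append(self._current)
            self._current = None


def extract_links(html):
    parser = _LinkCollector()
    parser.feed(html)
    return parser.links


def assess_link(link, claimed_brand):
    """Return (verdict, reason) for one link in a message claiming to be from claimed_brand."""
    host = urlsplit(link["href"]).hostname or ""
    allowed = BRAND_DOMAINS.get(claimed_brand, set())
    reasons = []
    if not any(host_belongs_to(host, d) for d in allowed):
        reasons.append(f"destination host {host!r} is not a {claimed_brand} domain")
    if link["wraps_image"] and not link["text"]:
        # The post's alert was an image that was entirely a link: nothing visible hints at the target.
        reasons.append("link is an image with no visible text, so the destination is hidden")
    return ("suspicious", "; ".join(reasons)) if reasons else ("ok", "")


def assess_email(html, claimed_brand):
    """List of (href, verdict, reason) for every link in the message body."""
    return [(l["href"],) + assess_link(l, claimed_brand) for l in extract_links(html)]


def assess_sender(from_header, claimed_brand):
    """The display name can say anything; only the domain after '@' is checked."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    allowed = BRAND_DOMAINS.get(claimed_brand, set())
    if domain and any(host_belongs_to(domain, d) for d in allowed):
        return ("ok", "")
    return ("suspicious",
            f"display name {name!r} but address domain {domain!r} is not a {claimed_brand} domain")


# Constructed sample: the first link is an image-only link to a look-alike host,
# the second is a plain text link to a real subdomain of the brand.
SAMPLE_FROM = '"craigslist" <alerts@mail-notify.example.net>'
SAMPLE_EMAIL = """<html><body>
<p>Your craigslist account has been suspended.</p>
<a href="http://craigslist.org.account-verify.example.net/login"><img src="cid:alert.png"></a>
<p><a href="https://accounts.craigslist.org/login/home">Help center</a></p>
</body></html>"""

if __name__ == "__main__":
    print("sender:", assess_sender(SAMPLE_FROM, "craigslist"))
    for href, verdict, reason in assess_email(SAMPLE_EMAIL, "craigslist"):
        print(verdict, href, reason)
```

Run as a script, it reports the sender and the image link as suspicious and the plain “Help center” link as ok. The suffix check in `host_belongs_to` is deliberate: a hostname that merely starts with the brand’s domain (`craigslist.org.account-verify.example.net`) is owned by whoever controls the rightmost part, which is exactly the trick the address bar in the post gave away.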
You don’t have to be paranoid, because you already know that they are out there and they are out to get you. Just use common sense and be methodical in everything you do online. If you pay attention, a lot of the time you can stop a scam before it has a chance to reach you or other users. Also take the time to read the Terms of Service agreements on the sites you join. You may find important information about how the site will contact you in the event of a problem with your account. Some may not email you at all; they may only notify you inside the site when you are signed in to your account.
If you have discovered a scam or phishing site, leave me a comment below. This will help spread awareness and help keep our accounts safe. Always report a scam. If no one reports these problems, they will spread faster and reach more people.