Saturday, October 02, 2004

How scammers use craigslist to mint money

This morning, while browsing some classified ads on craigslist, I came across an interesting post. The subject of the post read "New, used and refurbished Dell Laptops". Inside the post, there was a just a hyperlink. Normally, when people do post their stuff on craigslist, they sometimes add links to other sites that either contain the description or the photographs of the item they are selling.

Hoping to find more info on the laptops, I clicked on the link inside the posting. The link took me to eBay's website on a page showing a bunch of Dell laptops put up for sale. Okay.. so what makes that interesting, you would wonder?

Well, the interesting part is my quick eye caught a couple of things: First, the link originally didnt point to eBay. Second, between the time I clicked on that link and ebay appeared on my browser, I was redirected a couple of times. In an instant, I realized that someone just make a few cents through my click. The more people click on that link, the more money the scammer makes.

Here is how it works: Some scammer (lets say ABC) goes ahead and registers for a pay per click program that is provided by some leading search engines like Overture and Google. If ABC was hosting some website and people click on those ad links, then ABC makes some money per click. So ABC decides to post an ad on craigslist, advertising Dell laptops, with a link that points back to ABC's website. The moment someone clicks on the link mentioned in the craigslist ad, s/he is transferred over to ABC's website, which again redirects the user (deceptively and instantly via Javascript) to Overture's or Google's site and they inturn redirect you to eBay. It all happens so fast that you are led to believe that the link from craigslist directly took you to eBay.

Now because craigslist is a popular destination, a lot of people visit it daily. Lets say craigslist receives about 100,000 hits per day on a particular city site for a particular category - tech (lets say Seattle - http://seattle.craigslist.org/sys/). Assuming that 1/10th of those visitors open the post and click on the link provided by ABC, then ABC tends to make around 10000 * 0.05 = $500 per day per posting. What if ABC decides to perform the trick on users of other cities also? The scam could run into thousands of dollars.

I sent couple of emails to the folks that run craigslist and they deleted these kind of fraudelent posts, but how can they ensure that the scammer ABC doesnt post the same kind of ad again? If they cannot stop these kind of posts, then they risk a serious threat to the character of their site.

Comments: Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?

Copyright Anand Jain 2004, 2005. All rights reserved.
Webmaster