Abstract
Fraudulently posted online rental listings, rental scams, have been frequently reported by users. However, our understanding of the structure of rental scams is limited. In this paper, we conduct the first systematic empirical study of online rental scams on Craigslist. This study is enabled by a suite of techniques that allowed us to identify scam campaigns and our automated system that is able to collect additional information by conversing with scammers. Our measurement study sheds new light on the broad range of strategies different scam campaigns employ and the infrastructure they depend on to profit. We find that many of these strategies, such as credit report scams, are structurally different from the traditional advanced fee fraud found in previous studies. In addition, we find that Craigslist remove less than half of the suspicious listings we detected. Finally, we find that many of the larger-scale campaigns we detected depend on credit card payments, suggesting that a payment level intervention might effectively demonetize them.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
According to the affiliate program of Rental Verified, which is used by one of the credit report campaigns we found, it pays up to \(\$18\) per customer. https://rentalverified.com/affiliates.
References
800notes. http://800notes.com/
DB-IP. http://db-ip.com/
Report craigslist Scams. http://reportcraigslistscams.com/
Ripoff Report. http://www.ripoffreport.com/
United States Census Bureau. http://www.census.gov/
National association of realtors - field guide to quick real estate statistics. http://www.realtor.org/field-guides/field-guide-to-quick-real-estate-statistics (2013)
Buchanan, J., Grant, A.J.: Investigating and prosecuting Nigerian fraud. U. S. Attorneys’ Bull. 49(6), 39–47 (2001)
Clayton, R., Moore, T., Christin, N.: Concentrating correctly on cybercrime concentration. In: Proceedings of the Fourteenth Workshop on the Economics of Information Security (WEIS), Delft, Netherlands, June 2015
Dyrud, M.A.: I brought you a good news: an analysis of Nigerian 419 letters. In: Proceedings of the 2005 Association for Business Communication Annual Convention (2005)
Gao, Y., Zhao, G.: Knowledge-based information extraction: a case study of recognizing emails of Nigerian frauds. In: Montoyo, A., Muńoz, R., Métais, E. (eds.) NLDB 2005. LNCS, vol. 3513, pp. 161–172. Springer, Heidelberg (2005). doi:10.1007/11428817_15
Garg, V., Nilizadeh, S.: Craigslist scams and community composition: investigating online fraud victimization. In: International Workshop on Cyber Crime, IEEE (2013)
Herley, C.: Why do Nigerian Scammers say they are from Nigeria? In: WEIS (2012)
Huang, J.M., Stringhini, G., Yong, P.: Quit playing games with my heart: understanding online dating scams. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 216–236. Springer, Cham (2015). doi:10.1007/978-3-319-20550-2_12
Isacenkova, J., Thonnard, O., Costin, A., Balzarotti, D., Francillon, A.: Inside the scam jungle: a closer look at 419 scam email operations. In: Security and Privacy Workshops (SPW), 2013 IEEE, pp. 143–150. IEEE (2013)
Johnson, C.: Fakers, breachers, slackers, and deceivers: Opportunistic actors during the foreclosure crisis deserve criminal sanctions. Cap. Univ. Law Rev. 40(4), 853 (2012)
Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM Conference on CCS. ACM (2008)
Konte, M., Feamster, N., Jung, J.: Dynamics of online scam hosting infrastructure. In: Moon, S.B., Teixeira, R., Uhlig, S. (eds.) PAM 2009. LNCS, vol. 5448, pp. 219–228. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00975-4_22
Levchenko, K., Pitsillidis, A., Chachra, N., Enright, B., Félegyházi, M., Grier, C., Halvorson, T., Kanich, C., Kreibich, C., Liu, H., McCoy, D., Weaver, N., Paxson, V., Voelker, G.M., Savage, S.: Click trajectories: end-to-end analysis of the spam value chain. In: IEEE Symposium on Security and Privacy (2011)
McCoy, D., Dharmdasani, H., Kreibich, C., Voelker, G.M., Savage, S.: Priceless: the role of payments in abuse-advertised goods. In: Proceedings of the 2012 ACM Conference on CCS, CCS 2012 (2012)
McCoy, D., Pitsillidis, A., Jordan, G., Weaver, N., Kreibich, C., Krebs, B., Voelker, G.M., Savage, S., Levchenko, K.: Pharmaleaks: Understanding the business of online pharmaceutical affiliate programs. In: USENIX Security Symposium (2012)
Park, Y., Jones, J., McCoy, D., Shi, E., Jakobsson, M.: Scambaiter: understanding targeted nigerian scams on craigslist. In: NDSS (2014)
Rege, A.: What’s love got to do with it? Exploring online dating scams and identity fraud. Int. J. Cyber Criminol. 3(2), 494–512 (2009)
Smith, A.: Nigerian scam e-mails and the charms of capital. Cult. Stud. 23(1), 27–47 (2009)
Stajano, F., Wilson, P.: Understanding scam victims: seven principles for systems security. Commun. ACM 54, 70–75 (2011)
Stone-Gross, B., Holz, T., Stringhini, G., Vigna, G.: The underground economy of spam: a botmaster’s perspective of coordinating large-scale spam campaigns. In: Proceedings of the 4th USENIX Conference on Large-Scale Exploits and Emergent Threats, LEET 2011, p. 4. USENIX Association, Berkeley (2011)
Stone-Gross, B., Moser, A., Kruegel, C., Kirda, E., Almeroth, K.: FIRE: FInding Rogue nEtworks. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), Honolulu, HI, December 2009
Thomas, K., Huang, D., Wang, D., Bursztein, E., Grier, C., Holt, T., Kruegel, C., McCoy, D., Savage, S., Vigna, G.: Framing dependencies introduced by underground commoditization. In: Proceedings of the Fourteenth Workshop on the Economics of Information Security (WEIS), Delft, Netherlands, June 2015
Tive, C.: 419 scam: Exploits of the Nigerian con man. iUniverse (2006)
Whitty, M.T., Buchanan, T.: The online romance scam: a serious cybercrime. CyberPsychol. Behav. Soc. Netw. 15(3), 181–183 (2012)
Acknowledgements
We thank Markus Jakobsson and the anonymous reviewers for their valuable feedback. This work was supported by the National Science Foundation grant CNS-1619620. This work was funded in part by NSF grants CNS-1314857, CNS-1453634, CNS-1518765, CNS-1514261, a Packard Fellowship, a Sloan Fellowship, two Google Faculty Research Awards, a VMWare Research Award, and an NSA Lablet grant.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Example Scam Ads
Example ad titles with sophisticated templates used by CreditReport_Yahoo campaign.
B Example Scam Emails
Example rent application template. Clone scam campaigns usually request a victim to fill out their rent application form.
Credit report scam email.
Rights and permissions
Copyright information
© 2017 International Financial Cryptography Association
About this paper
Cite this paper
Park, Y., McCoy, D., Shi, E. (2017). Understanding Craigslist Rental Scams. In: Grossklags, J., Preneel, B. (eds) Financial Cryptography and Data Security. FC 2016. Lecture Notes in Computer Science(), vol 9603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-54970-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-662-54970-4_1
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-54969-8
Online ISBN: 978-3-662-54970-4
eBook Packages: Computer ScienceComputer Science (R0)