Understanding Craigslist Rental Scams

  • Youngsam ParkEmail author
  • Damon McCoy
  • Elaine Shi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9603)


Fraudulently posted online rental listings, rental scams, have been frequently reported by users. However, our understanding of the structure of rental scams is limited. In this paper, we conduct the first systematic empirical study of online rental scams on Craigslist. This study is enabled by a suite of techniques that allowed us to identify scam campaigns and our automated system that is able to collect additional information by conversing with scammers. Our measurement study sheds new light on the broad range of strategies different scam campaigns employ and the infrastructure they depend on to profit. We find that many of these strategies, such as credit report scams, are structurally different from the traditional advanced fee fraud found in previous studies. In addition, we find that Craigslist remove less than half of the suspicious listings we detected. Finally, we find that many of the larger-scale campaigns we detected depend on credit card payments, suggesting that a payment level intervention might effectively demonetize them.


Phone Number Federal Trade Commission Legitimate User Rental Section Email Account 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



We thank Markus Jakobsson and the anonymous reviewers for their valuable feedback. This work was supported by the National Science Foundation grant CNS-1619620. This work was funded in part by NSF grants CNS-1314857, CNS-1453634, CNS-1518765, CNS-1514261, a Packard Fellowship, a Sloan Fellowship, two Google Faculty Research Awards, a VMWare Research Award, and an NSA Lablet grant.

Supplementary material


  1. 1.
  2. 2.
  3. 3.
    Report craigslist Scams.
  4. 4.
  5. 5.
    United States Census Bureau.
  6. 6.
    National association of realtors - field guide to quick real estate statistics. (2013)
  7. 7.
    Buchanan, J., Grant, A.J.: Investigating and prosecuting Nigerian fraud. U. S. Attorneys’ Bull. 49(6), 39–47 (2001)Google Scholar
  8. 8.
    Clayton, R., Moore, T., Christin, N.: Concentrating correctly on cybercrime concentration. In: Proceedings of the Fourteenth Workshop on the Economics of Information Security (WEIS), Delft, Netherlands, June 2015Google Scholar
  9. 9.
    Dyrud, M.A.: I brought you a good news: an analysis of Nigerian 419 letters. In: Proceedings of the 2005 Association for Business Communication Annual Convention (2005)Google Scholar
  10. 10.
    Gao, Y., Zhao, G.: Knowledge-based information extraction: a case study of recognizing emails of Nigerian frauds. In: Montoyo, A., Muńoz, R., Métais, E. (eds.) NLDB 2005. LNCS, vol. 3513, pp. 161–172. Springer, Heidelberg (2005). doi: 10.1007/11428817_15 CrossRefGoogle Scholar
  11. 11.
    Garg, V., Nilizadeh, S.: Craigslist scams and community composition: investigating online fraud victimization. In: International Workshop on Cyber Crime, IEEE (2013)Google Scholar
  12. 12.
    Herley, C.: Why do Nigerian Scammers say they are from Nigeria? In: WEIS (2012)Google Scholar
  13. 13.
    Huang, J.M., Stringhini, G., Yong, P.: Quit playing games with my heart: understanding online dating scams. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 216–236. Springer, Cham (2015). doi: 10.1007/978-3-319-20550-2_12 CrossRefGoogle Scholar
  14. 14.
    Isacenkova, J., Thonnard, O., Costin, A., Balzarotti, D., Francillon, A.: Inside the scam jungle: a closer look at 419 scam email operations. In: Security and Privacy Workshops (SPW), 2013 IEEE, pp. 143–150. IEEE (2013)Google Scholar
  15. 15.
    Johnson, C.: Fakers, breachers, slackers, and deceivers: Opportunistic actors during the foreclosure crisis deserve criminal sanctions. Cap. Univ. Law Rev. 40(4), 853 (2012)Google Scholar
  16. 16.
    Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM Conference on CCS. ACM (2008)Google Scholar
  17. 17.
    Konte, M., Feamster, N., Jung, J.: Dynamics of online scam hosting infrastructure. In: Moon, S.B., Teixeira, R., Uhlig, S. (eds.) PAM 2009. LNCS, vol. 5448, pp. 219–228. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00975-4_22 CrossRefGoogle Scholar
  18. 18.
    Levchenko, K., Pitsillidis, A., Chachra, N., Enright, B., Félegyházi, M., Grier, C., Halvorson, T., Kanich, C., Kreibich, C., Liu, H., McCoy, D., Weaver, N., Paxson, V., Voelker, G.M., Savage, S.: Click trajectories: end-to-end analysis of the spam value chain. In: IEEE Symposium on Security and Privacy (2011)Google Scholar
  19. 19.
    McCoy, D., Dharmdasani, H., Kreibich, C., Voelker, G.M., Savage, S.: Priceless: the role of payments in abuse-advertised goods. In: Proceedings of the 2012 ACM Conference on CCS, CCS 2012 (2012)Google Scholar
  20. 20.
    McCoy, D., Pitsillidis, A., Jordan, G., Weaver, N., Kreibich, C., Krebs, B., Voelker, G.M., Savage, S., Levchenko, K.: Pharmaleaks: Understanding the business of online pharmaceutical affiliate programs. In: USENIX Security Symposium (2012)Google Scholar
  21. 21.
    Park, Y., Jones, J., McCoy, D., Shi, E., Jakobsson, M.: Scambaiter: understanding targeted nigerian scams on craigslist. In: NDSS (2014)Google Scholar
  22. 22.
    Rege, A.: What’s love got to do with it? Exploring online dating scams and identity fraud. Int. J. Cyber Criminol. 3(2), 494–512 (2009)Google Scholar
  23. 23.
    Smith, A.: Nigerian scam e-mails and the charms of capital. Cult. Stud. 23(1), 27–47 (2009)CrossRefGoogle Scholar
  24. 24.
    Stajano, F., Wilson, P.: Understanding scam victims: seven principles for systems security. Commun. ACM 54, 70–75 (2011)CrossRefGoogle Scholar
  25. 25.
    Stone-Gross, B., Holz, T., Stringhini, G., Vigna, G.: The underground economy of spam: a botmaster’s perspective of coordinating large-scale spam campaigns. In: Proceedings of the 4th USENIX Conference on Large-Scale Exploits and Emergent Threats, LEET 2011, p. 4. USENIX Association, Berkeley (2011)Google Scholar
  26. 26.
    Stone-Gross, B., Moser, A., Kruegel, C., Kirda, E., Almeroth, K.: FIRE: FInding Rogue nEtworks. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), Honolulu, HI, December 2009Google Scholar
  27. 27.
    Thomas, K., Huang, D., Wang, D., Bursztein, E., Grier, C., Holt, T., Kruegel, C., McCoy, D., Savage, S., Vigna, G.: Framing dependencies introduced by underground commoditization. In: Proceedings of the Fourteenth Workshop on the Economics of Information Security (WEIS), Delft, Netherlands, June 2015Google Scholar
  28. 28.
    Tive, C.: 419 scam: Exploits of the Nigerian con man. iUniverse (2006)Google Scholar
  29. 29.
    Whitty, M.T., Buchanan, T.: The online romance scam: a serious cybercrime. CyberPsychol. Behav. Soc. Netw. 15(3), 181–183 (2012)CrossRefGoogle Scholar

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  1. 1.University of MarylandCollege ParkUSA
  2. 2.New York UniversityNew YorkUSA
  3. 3.Cornell UniversityIthacaUSA

Personalised recommendations