35.gif
Best Blackhat Forum / BlackHat SEO & WhiteHat SEO / Email Marketing - Opt-In List / To my fellow CL Mailers

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

New Reply
 
09-20-2012, 07:41 AM
Post: #1
zilla Offline
Super Active BBHF Member
*****
Posts: 5,636
Joined: Nov 2011

Reputation: 479
To my fellow CL Mailers
I read an article today that might help others..[spoiler]

New technique from the Craigslist spammers

In June, I wrote about a technique used by spammers to harvest names and email addresses of “live” targets for their spam.
In a nutshell: you post an ad to Craigslist; the spammer sends you an automated email which makes you think that maybe the sender is interested in your ad; you send a response, “Are you interested?” thus revealing your name (if it’s configured in your email client) and real email address to the spammer; and within hours, you are deluged by spam at that address, which uses your name from your email header, thus making it more likely that you will read it and that it will make it through your spam filter.
As I noted in my earlier blog posting, the fix to this is simple: Craigslist should tweak the email headers so that the entire exchange from poster and respondent is sent through Craigslist’s proxy server, so that the poster’s name and email address is never revealed in the header of a message sent by him/her to the spammer. Given how prevalent this problem is on Craigslist, it’s a mystery why they don’t do this.
Alas, the problem has gotten worse, not better. At the bottom of every email message sent through Craigslist’s proxy server is a link that people can use to report the message as spam. People who are moderate to heavy users of Craigslist can recognize these phishing messages immediately and report them as spam, thus helping Craigslist to figure out who should be blocked from sending messages through them. Alas, the spammers have figured out how to break the flagging link at the bottom of their email messages.
What Craigslist does when a message is sent through its proxy is (a) start with the HTML body of the message; (b) prepend a header to the top of it; © append a footer to the bottom of it; and (d) send it on its way. Alas, the proxy does not do any sanity checking of the HTML body; if the body has broken HTML in it, then it can cause the HTML in the footer to be broken as well. This is exactly what they’ve just started to do (or, at least, this is the first time I’ve seen it).
I just received a phishing message whose HTML body consisted of this string:
See
find Quote
09-24-2012, 02:36 PM (This post was last modified: 09-24-2012 10:01 PM by We Go.)
Post: #2
We Go Offline
Be a Warrior, NOT a worrier
*****
Posts: 8,658
Joined: Apr 2012

Reputation: 4884
RE:
Quote: I just received a phishing message whose HTML body consisted of this string:
Quote:See
???????????? something missing I hope ... lol
find Quote
09-29-2012, 04:22 AM
Post: #3
burpelf Offline
Super Active BBHF Member
*****
Posts: 5,024
Joined: Sep 2012

Reputation: 0
RE:
thank you for the share
find Quote
01-11-2013, 07:44 AM
Post: #4
We Go Offline
Be a Warrior, NOT a worrier
*****
Posts: 8,658
Joined: Apr 2012

Reputation: 4884
RE:
zilla,

Can you please give more details?
find Quote
01-11-2013, 09:33 AM
Post: #5
zilla Offline
Super Active BBHF Member
*****
Posts: 5,636
Joined: Nov 2011

Reputation: 479
RE:
LOL Looks like I had a bit too much to drink and didn't copy/paste everything

Here is the link to the original source:

[hide]http://blog.kamens.us/2012/08/31/new-technique-from-the-craigslist-spammers/[/spoiler]
12.gif
find Quote
New Reply
 




53.gif
Contact Us | BestBlackhatForum | Return to Top | Return to Content | Lite (Archive) Mode