Craigslist is a centralized network of online communities, featuring free online classified advertisements – with sections devoted to jobs, housing, personals, for sale, services, community, gigs, résumés, and discussion forums (source: Wikipedia). I’ve never visited this website before, but today I received the second phishing email, which I found quite interesting. I see a lot of phishing, but I haven’t seen the usage of doubleclick.net in a phishing email for a long time.
The link goes through the doubleclick.net redirector to the URL in its second part, which contains the IP address written as a number: https://ad.doubleclick.net/clk;30045328;11466062;u?http://<number like 1234567890>:82/departament/index.php
The reason for this link: The Craigslist website is free for users; Craigslist only gets money from job advertisements. So, there is no benefit for the phishers to phish a Craigslist user account. That’s why they’ve chosen this method – by clicking this redirector link, the recipient of the mail generates some cents for the cyber criminals.
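For mail filtering or triage, the link format described above can be unwrapped and its integer-encoded host decoded. This is an added example, not code from the original post; the function names are hypothetical and the sample integer is a constructed value that decodes to the documentation address 192.0.2.1.

```python
import ipaddress
from urllib.parse import urlsplit

# Redirector hosts to unwrap; only the one named in the post is listed.
REDIRECTOR_HOSTS = {"ad.doubleclick.net"}

def unwrap_redirect(url):
    """Return the nested target if `url` is a known redirector link, else `url`."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() in REDIRECTOR_HOSTS and parts.query:
        # In the link format shown in the post, everything after '?' is the target.
        return parts.query
    return url

def decode_numeric_host(host):
    """Convert a host written as one decimal integer to dotted-quad, else None."""
    if not (host.isascii() and host.isdigit()):
        return None
    value = int(host)
    if value > 0xFFFFFFFF:  # does not fit in an IPv4 address
        return None
    return str(ipaddress.IPv4Address(value))

def analyze_link(url):
    """Unwrap the redirector and list the traits a mail filter would flag."""
    target = unwrap_redirect(url)
    parts = urlsplit(target)
    host = parts.hostname or ""
    decoded = decode_numeric_host(host)
    findings = []
    if target != url:
        findings.append("redirector-wrapped")
    if decoded:
        findings.append("integer-encoded-ip")
    if parts.port not in (None, 80, 443):
        findings.append("non-standard-port")
    return {"target": target, "host": host, "decoded_ip": decoded,
            "port": parts.port, "findings": findings}

# Constructed sample: 3221225985 is 192.0.2.1, a documentation-only address.
SAMPLE = ("https://ad.doubleclick.net/clk;30045328;11466062;u?"
          "http://3221225985:82/departament/index.php")

if __name__ == "__main__":
    print(analyze_link(SAMPLE))
```
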
The website looks identical to the original, and after posting something there, you’ll be redirected to the form on the original website where you must authenticate via telephone.
I mentioned that this is the second Craigslist phishing email I have received on my personal email account. The first one, which I received in June this year, was doing the same redirect after a login.
The authentic Craigslist.org is aware of these attempts and has published a warning on the login page: