If I were really hitting on guys via Craigslist, at least I'd have better grammar
January 24, 2008 5:14 AM   Subscribe

Can I do anything about a spammer using my e-mail address to answer ads on Craigslist?

My primary e-mail address is MyFirstNameMyLastName@gmail. I've had it for several years now, used it for online banking, shopping, personal e-mailing, and my resume, and have never had a problem.

Yesterday, I started getting e-mails at that address from strange men. They all look like this:

From: Some Guy

[message like "lol ur sexie lets hook up lol!!!!!!"]

On [date] [time], MyFirstName MyLastName wrote:

Hi. I know I did not have a pic on craigslist and I am sure you dont want to meet someone your not attracted to. Go to [suspicious-looking URL/MyFirstName/] to see my pic. I got some more info about me on there as well. So if your still interested contact me and we can talk further.


---- Original Message ----

** CRAIGSLIST ADVISORY --- AVOID SCAMS BY DEALING LOCALLY ** Avoid: wiring money, cross-border deals, work-at-home ** Beware: cashier checks, money orders, escrow, shipping ** More Info: http://www.craigslist.org/about/scams.html
[message that seems like a response to something, such as "it sounds like we like the same things" or "I like your ad, do you want to meet me"]
this message was remailed to you via: pers-549473412@craigslist.org

The suspicious URLs aren't anything porn-y, but they do sound sketchy, like "mybestwebsitehosting4free.info." The URL is different most times but they all point to the same page, a pretty innocuous picture of a chick with some fake vaguely-porny text and links to "XXX Black Book," which I assume is the actual porn site.

So it seems like a spammer puts an ad on Craigslist, a guy replies, and the spammer responds using my e-mail address. Then I get a creepy response from the guy.

Is my assessment right? And is there anything I can do about it, since it appears that my e-mail address isn't actually in these ads? I've only received six of these e-mails so far, but I'm afraid that it's only a matter of time before my inbox is flooded.
posted by korres to Computers & Internet (17 answers total) 2 users marked this as a favorite
No, there isn't anything that you can do. This kind of crap has been infesting Craigslist for quite a while now.

All you can do is flag it and delete the emails that come in. The ad will expire soon enough, and who knows, it may have already been flagged for removal anyway.
posted by drstein at 5:51 AM on January 24, 2008

I think you're mostly right. However, it appears that when the spammer posted his ad on craigslist he used your address as the anonymized reply to. The final tag line:

"this message was remailed to you via: pers-549473412@craigslist.org"

suggests that your would-be "suitors" don't actually have your email address. I don't remember now if craigslist requires an email confirmation of a posting - I suppose it doesn't because you never saw that confirmation email. That fact is important because it suggests the spammer hasn't hacked your email account, just the craigslist remailer. I would guess the spammer routinely and randomly picks names. I hope yours falls out of the rotation soon.
posted by GPF at 6:06 AM on January 24, 2008

A spammer hijacked my email early last year. After several weeks of frustration and a load of porn spam, I had an idea. I went to my ISP and turned off my primary email address via the control panel. I switched to my Yahoo! webmail address for several months. Lo and behind, after turning my prime email back on last week, I was spam-free.

I'm not saying this is workable for everyone, mind you, but it did the trick for me. In fact, I am using a re-direct that sends everything aimed at my primary email to a secondary Yahoo address. If I get hijacked again I'll just do what I did before.
posted by Guy_Inamonkeysuit at 6:26 AM on January 24, 2008

GPF is right. This e-mail looks like a response to a craigslist ad. Whenever I post a craigslist ad, I usually get several of these responses in addition to any legitimate responses I might get. Just ignore them.

I'm not sure how this would happen, unless you recently posted an ad on craigslist, because a person usually need access to the e-mail account in order to post to craigslist, right?
posted by kidbritish at 6:27 AM on January 24, 2008

Try signing-up for an account with Craig's list using your email address:


I'm not sure, but I would expect that would prevent postings from that address without your password.
posted by justkevin at 6:31 AM on January 24, 2008

The emails contain the listing IDs of the posts, right? This is maybe a band-aid solution, but you could set up a filter in gmail that dumped anything from a craigslist.org address into your trash. Anytime *you* posted something on craigslist, you could just add an exception for messages that contained the ID of your post.

When you create the filter, put "craiglist.org" in the From box, and set the filter to delete those messages. If you ever post something on craigslist, edit the filter and put the message ID into the Doesn't Have box.

I think that'll work.
posted by averyoldworld at 6:46 AM on January 24, 2008

Have you posted to Craigslist recently? If so, someone used the "Reply to: pers-549577352@craigslist.org" part of your post to send you spam. No one hijacked your email address, so don't worry. Delete your craigslist ad and they'll stop, or just wait it out. They'll eventually stop. The best thing to do is to sign up for a hotmail account to just use for craigslist.
posted by MaryDellamorte at 6:55 AM on January 24, 2008

These emails you're getting are responses to a Craigslist ad that was posted using your address.

Find that ad. There are three possibilities--

1. Did you post it? If yes, then no worries... MaryDellamorte is right, and this is not something to be concerned with.

2. Did you NOT post the ad to which they're replying? This is very bad: A spammer not only has your email address, but has your PASSWORD, as he must have verified the email address with Craigslist in order to post the ad. Change your password immediately.

3. Can't find the original ad? The emails you're getting are just cleverly forged spam, meant to look like Craigslist responses. Ignore them, there's nothing you can do.
posted by qxntpqbbbqxl at 7:04 AM on January 24, 2008

I'm not clear as to why a spammer would do this, if he/she can't view the replies that are going to you. Or, perhaps he/she's only hoping that you will go to the porn website and spend money? Seems a bit much.

Guy_Inamonkeysuit, your ISP solution sounds terrific for getting rid of unwanted spam; could you explain what you mean by control panel? My ISP is hosted by a small company in a nearby city, I'm not sure how one goes about "turning off" a primary account in this way. Thanks!
posted by Melismata at 7:25 AM on January 24, 2008

Perhaps it's a normal spam e-mail that's been written to make itself look like a Craigslist response, just as spammers can make their e-mails appear as if they come from other businesses (banks, etc.). I'd check the headers and compare it to the headers of an e-mail that actually came from Craigslist. 10 to 1 they don't match.
posted by WCityMike at 8:08 AM on January 24, 2008

My reading of it is that the OP's theory is dead-on: someone posted an ad on CL, gets these replies from guys, and is then sending the grammatically-challenged "check out my pic" messages to those guys with the OP's email as the "Reply-To." The hope is that these guys will go to the site and check out the pics (click! Ad revenue!), and then click the XXX links (click! More revenue!), at which point they will hopefully hand over their CC info for even more revenue. Charming.

Do you have a relatively common name, korres? If so, you just might be this week's unlucky winner of the Randomly Chosen Plausible Sounding Spammer Alias drawing. If not, perhaps the spammer got your address off a list. In any case, signing up with CL won't work because CL doesn't have the address to begin with. If you can find the ad, you can flag it and forward it to CL's abuse address so that they can take it down (if it hasn't been removed already). The emails you can't really do much about beyond blocking the creeps' addresses as they come in or trying to set up a filter to screen them out (as suggested above). Most likely, the spammer will stop using your email address at some point - right now, it's just a convenient cover.
posted by I Said, I've Got A Big Stick at 9:21 AM on January 24, 2008 [1 favorite]

set up honeypot ad on craigslist, wait for mister youremailaddress to respond, string him along. can you get him to drive to a remote area for sex? can you recruit a diseased hooker to service him? the possibilities are endless.
posted by bruce at 9:55 AM on January 24, 2008

Guy_Inamonkeysuit, your ISP solution sounds terrific for getting rid of unwanted spam; could you explain what you mean by control panel?

My ISP is LinkSky. They have a page where I can add email accounts, check stats, set up security, etc. This is my "control panel." I don't use it much, since my site is essentially a static portfolio site, but I have set up a few email accounts here, and among the other things I can do is to have them forwarded to other addies. Very simple.

The spammer used my email address to send out spam. I found this out when filters started bouncing these emails back -- to me ! All I could think of was to cripple the account so that s/he couldn't use it any longer.

Worked like a charm. Of course, the precipitating factor was that my addy was hijacked -- not that I was getting spam as a matter of course. *shrug* Filters can handle most of that junk. But they couldn't filter out my own addy.
posted by Guy_Inamonkeysuit at 10:07 AM on January 24, 2008

Response by poster: OP here.

I've never posted an ad on Craigslist; in fact, the only thing I've ever looked at on Craigslist are some of the funny ads in their "best of" archive.

While the bottom part of some e-mails have a header like I originally posted, others have a header like this:

----- Original Message ----
From: MyFirstName MyLastName [MyFirstNameMyLastName@gmail.com]
To: Name of the guy replying to me [his e-mail address]
Sent: Thursday, January 24, 2008 10:07:41 AM
Subject: RE: Enter my world - w4m - 29

Therefore, I believe these people have my actual e-mail address. To clarify, I think what happens is:
1. Spammer posts ad and gets one of Craigslist's generic e-mail addresses.
2. People respond via that e-mail address.
3. Spammer replies as if from my e-mail address.
4. Guy now has my e-mail address.

At least, I'm hoping that's what happens, because that's marginally better than a spammer actually putting my e-mail address in the ad itself.

Also, because some of the e-mails have different subject lines, I assume the spammer has placed many ads.

averyoldworld, blocking craigslist.org addresses wouldn't help because these e-mails are coming from people with Gmail, Yahoo, AOL, SBCGlobal, etc. addresses.

justkevin, thanks for the suggestion. I did so, and am changing my e-mail password as a precaution, but unfortunately I'm not very optimistic at this point.

qxntpqbbbqxl, I have no idea how to find these ads. There's no indication of which region they're in, and I can't find a way to search all of Craigslist's regions.

I Said, I've Got A Big Stick, my name is somewhat common, so I think you may be right. I'm just hoping this doesn't turn into a flood as the spammer puts up more and more ads, and trying to figure out if there's a way I can stop it.

I really don't want to be forced to give up my main e-mail address.
posted by korres at 10:51 AM on January 24, 2008

Your email address got skimmed someplace and the spammer's spoofing your email. It happens.

Ideally, you need two email addresses - your regular ISP account that you share only with friends and family, and a throw-away account you use to register online for stuff. A couple months down the road, create a new throw-away account, update those sites that need to be updated and close the old throw-away account.

Most ISPs will give you a handful of accounts - use one of them or sign up for a free email account.
posted by Kioki-Silver at 2:24 PM on January 24, 2008

"I'm not clear as to why a spammer would do this, if he/she can't view the replies that are going to you. Or, perhaps he/she's only hoping that you will go to the porn website and spend money? Seems a bit much.:

It happens CONSTANTLY on craigslist. The vast majority of the W4M ads are just that. You email them, and they auto reply with a URL for some other 'dating site' that has 'more info and more photos.'

Craigslist has sadly turned into trash.
posted by drstein at 10:20 AM on January 25, 2008

Response by poster: In case anyone is interested in a follow-up, the spam has finally stopped. It definitely got worse before it got better, and it took a big turn for the uncomfortably close when the guys responding to the spammer's e-mail would try to add me on Google chat. But it's been quiet for a couple of weeks now, so I guess the wacky spammer logic makes them stop spoofing an e-mail address kicked in. Thank you, everyone, for your help.
posted by korres at 5:15 AM on March 25, 2008

« Older No more sweet music.   |   In seek of IT Asset Managemtn Solution Newer »
This thread is closed to new comments.