{"id":12410,"date":"2013-08-15T08:00:50","date_gmt":"2013-08-15T15:00:50","guid":{"rendered":"http:\/\/blog.webroot.com\/?p=12410"},"modified":"2018-05-29T11:43:04","modified_gmt":"2018-05-29T17:43:04","slug":"diy-craigslist-email-collecting-tools-empower-spammers-with-access-to-freshvalid-email-addresses","status":"publish","type":"post","link":"https://www.webroot.com/blog/2013\/08\/15\/diy-craigslist-email-collecting-tools-empower-spammers-with-access-to-freshvalid-email-addresses\/","title":{"rendered":"DIY Craigslist email collecting tools empower spammers with access to fresh\/valid email addresses"},"content":{"rendered":"<p><strong>By Dancho\u00a0Danchev<\/strong><\/p>\n<p>In need of a good reason to start using <a href=\"http:\/\/www.craigslist.org\/about\/anonymize\"><strong>Craigslist &#8216;real email anonymization&#8217; option<\/strong><\/a>? We&#8217;re about to give you a pretty good one.\u00a0For years, the popular\u00a0classified Web site has\u00a0been under fire from spammers using DIY email collecting tools, allowing them to easily obtain fresh and valid emails to later\u00a0be abused in fraudulent\/malicious campaigns.<\/p>\n<p>Let&#8217;s take a peek at some of the DIY Craigslist themed spamming tools currently in (commercial) circulation.<\/p>\n<p>More details:<\/p>\n<p><!--more--><\/p>\n<p><strong>Sample screenshots of the tools in action:<\/strong><\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting2.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-12411\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting2.jpg\" alt=\"Craigslist_Emails_Harvesting\" width=\"555\" height=\"427\" \/><\/a><\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_0112.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-12416\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_0112.jpg\" alt=\"Craigslist_Emails_Harvesting_01\" width=\"555\" height=\"427\" \/><\/a><\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_022.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-12413\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_022.jpg\" alt=\"Craigslist_Emails_Harvesting_02\" width=\"538\" height=\"397\" \/><\/a> <a href=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_032.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter size-full wp-image-12414\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_032.jpg\" alt=\"Craigslist_Emails_Harvesting_03\" width=\"319\" height=\"455\" \/><\/a> <a href=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_042.png\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter size-full wp-image-12415\" src=\"https:\/\/blog-en.webroot.com\/wp-content\/uploads\/2013\/08\/craigslist_emails_harvesting_042.png\" alt=\"Craigslist_Emails_Harvesting_04\" width=\"665\" height=\"415\" \/><\/a><\/p>\n<p>What makes an impression is not just the degree of customization of these tools, but also the fact that logical development in terms of introducing ubiquitous features typical for these DIY tools took place. Such features include, but are not limited to, the introduction for <a href=\"http:\/\/blog.webroot.com\/2012\/03\/02\/new-service-converts-malware-infected-hosts-into-anonymization-proxies\/\"><strong>proxy support<\/strong><\/a>, outsourcing the <a href=\"http:\/\/www.zdnet.com\/blog\/security\/inside-indias-captcha-solving-economy\/1835\"><strong>CAPTCHA solving<\/strong><\/a>\u00a0process, QA in terms of avoiding the collection of anonymous Craigslist emails, as well as the ability to tailor the collection process to the needs of the spammer through the use of custom keywords or a specific period of time.<\/p>\n<p>Sadly, Craigslist isn&#8217;t the only Web site that&#8217;s efficiently targeted by spammers. Despite raising awareness on the concept of <a href=\"http:\/\/www.zdnet.com\/blog\/security\/spammers-harvesting-emails-from-twitter-in-real-time\/3402\"><strong>harvesting fresh and valid emails from Twitter<\/strong><\/a>, in real-time, back in 2009, the practice is still taking place, empowering spammers with access to an endless pool of email addresses. And that&#8217;s just the tip of the iceberg.<\/p>\n<p>Craigslist users are advised to take advantage of the site&#8217;s &#8216;<a href=\"http:\/\/www.craigslist.org\/about\/anonymize\"><strong>email anonymization<\/strong><\/a>&#8216; feature, in an attempt to prevent spammers from successfully collecting their emails.<\/p>\n<p><em>You can find more about Dancho\u00a0Danchev at his\u00a0<strong><a href=\"http:\/\/linkedin.com\/in\/danchodanchev\">LinkedIn Profile<\/a><\/strong>. You can also\u00a0<strong><a href=\"http:\/\/www.twitter.com\/danchodanchev\">follow him on Twitter<\/a><\/strong>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Dancho\u00a0Danchev In need of a good reason to start using Craigslist &#8216;real email anonymization&#8217; option? We&#8217;re about to give you a pretty good one.\u00a0For years, the popular\u00a0classified Web site has\u00a0been under fire from spammers using DIY email collecting tools, allowing them to easily obtain fresh and valid emails to later\u00a0be abused in fraudulent\/malicious campaigns. [&hellip;]<\/p>\n","protected":false},"author":65,"featured_media":17052,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[],"yst_prominent_words":[16803,22395,11569,6173,5735,9471,3493,22393,3561,9783,15797,15793,17901,4193,6845,6561,3741,4721,15805,4621],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/12410"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=12410"}],"version-history":[{"count":3,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/12410\/revisions"}],"predecessor-version":[{"id":24563,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/12410\/revisions\/24563"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/17052"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=12410"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=12410"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=12410"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=12410"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}