[ale] OT: Craigslist Scam

Bob Toxen transam at VerySecureLinux.com
Tue Mar 13 15:04:44 EDT 2012 

If you sell anything via the web (or even print media) these days,
expect several fraudulent offerings.

If you have ANY doubt then IGNORE THEM.  Do NOT reply!

If the From and Reply-To are different or the Reverse DNS lookup of the
sending IP (in the mail headers) is suspicious ignore.

If they offer a Cashier's check for more with you PAYING THEM the
difference, run as fast as you can!


If you're trying to purchase a high value item, view it in person first!
If you're selling insist on cash or a LOCAL bank check and don't release
the item until you go to the bank and cash the check into cash to you.

If you sell a car, keep the tags and go with the buyer to the motor
vehicle department to ensure the title transfers.  If it doesn't and
there's a crash you are liable as the owner.

If you sell a computer overwrite the disks first to ensure deletion of
confidential information.  On Linux the following works against anybody
but the NSA or IBM in single-user mode:

  dd if=/dev/zero of=/dev/sdb
  dd if=/dev/zero of=/dev/sda
  sync

or

  dd if=/dev/zero of=/dev/hdb
  dd if=/dev/zero of=/dev/hda
  sync


Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
Quality spam and virus filters.

"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond where
the shadows lie...and the Eye is everwatching"
-- The Silicon Valley Tarot Henrique Holschuh with ... Bob

On Mon, Mar 12, 2012 at 07:22:07PM -0400, Scott McBrien wrote:
> No, if you reply to them, they try the Nigerian check scam on you.
> 
> -Scott
> 
> On Mar 12, 2012, at 7:02 PM, Chris Fowler <cfowler at outpostsentinel.com> wrote:
> 
> > I posted a sofa on CL today and have received an interesting email.
> > 
> > http://dl.dropbox.com/u/2486826/sofa.png
> > 
> > It looks innocent.  Why is the From and Reply-To different?  I received
> > another one earlier that looked like this:
> > 
> > http://dl.dropbox.com/u/2486826/sofa2.png
> > 
> > In the case of the first one I did not reply to the Reply-To.  I sent an
> > email to the From.
> > 
> > Is this a new scam fishing for addresses to spam?
> > 
> > Chris
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

More information about the Ale mailing list