Craigslist receives over 50 billion page views every month, but some of the ads generating those clicks are being posted by hackers, spammers and scammers. To work their nefarious plans incognito, they often hijack the Craigslist accounts of regular users. Knowing what's in their basic bag of tricks will help you keep control over your account.
Since Craigslist doesn't get involved in any transactions or store your financial information in your account, you don't have to worry so much about identity theft resulting from a compromised Craigslist account. Craigslist hackers value Craigslist accounts for the purpose of posting spam or fraudulent ads, which aren't necessarily targeted at you. Rather, your account is the "middle man" between the hackers and those browsing Craigslist ads. Since those ads are prohibited by Craigslist rules, though, a hacked Craigslist account can result in Craigslist freezing or suspending your account.
One of the best line of defenses is a strong password, which is something that many overlook -- particularly in terms of their personal email addresses. The Federal Communications Commission encourages everyone to create passwords that have at least six characters of various types -- meaning letters, numbers and symbols -- in both uppercase and lowercase. Passwords should be as random as possible, so shy away from passwords incorporating the names of relatives, birthdays or any other info that someone could discover. Whatever word or phrase you use, always incorporate the alphanumeric mix.
Another line of defense that's good to have in place is an anti-virus program on your computer. Hackers sometimes attempt to get you to download malware that can steal your personal data, such as login information for your Craigslist account. Ensure that whatever anti-virus program you use also checks for spyware, which can also capture your private information. You can also use a separate program that's dedicated solely to detecting and removing spyware.
One way that hackers will lure you into inadvertently downloading malware onto your computer is by "spoofing" -- sending an email that purports to be from Craigslist staff. Typically, such an email will say that your account is compromised, requiring you to click on a link to rectify the matter. If you click the link, though, it will download a virus to your computer or bring you to a phony Web page instructing you to enter your login information, which will then be sent to the hackers. Carefully any email claiming to be from Craigslist staff, and if in doubt, contact Craigslist directly to inquire about the authenticity of the message.
- Craigslist: Fact Sheet
- TechDirt: Inside Craigslist's Increasingly Complicated Battle Against Spammers
- National Institute of Standards And Technology: FCC Computer Security Notice
- All Spammed Up: New Malicious Spam Exploits Craigslist
- OnlyMyEmail: Flagged & Removed -- Craigslist Spam
- Webopedia: AntiVirus and AntiSpyware Software: What's The Difference?
- CBS News: Bush Family Emails Hacked
- Justin Sullivan/Getty Images News/Getty Images