Due to numerous e-mails we have received from our sellers and buyers, we have created this page to prevent Craigslist users against “Account Theft”, fake PayPal transactions, etc. Please read below and make sure you don’t fall in these traps.
On Craigslist’s login page you will see the following warning:
The same method is used by these scammers to impersonate our service, they send fake links looking like our website, but when you click on them, underneath the link is a fake website, almost identical with our website.How these scams work:
Stealing your accounts:
They send you a link with a short message, for example: “Hi, is this item yours? it has the same pictures…” followed by the link to the “item”. You click on the link and you are redirected to a fake login page identical with the Craigslist login page, asking you to enter your Craigslist account and password. Your information will go directly to the scammers and if you sell something on Craigslist, they will edit your posting and enter their fake ads or job offers. Craigslist will never ask for your user account and password when you clink on any link from their website, only when you are trying to access your “My Account” page they will ask for this information, so be sure you always check your browser.
Impersonating our service:
After stealing your account, they will post on it fake ads and will enter their own e-mail in the description so the people interested in their items will contact them directly, not you by e-mail. So 98% of ads that have HTML description with an e-mail listed in their description are fake ads and should be flagged for removal.
You contact them and they say they have the item for sale with us, will send you the link to our website (with a hyperlink to another website) and will ask you not to register, because they can send the information to us and we will send you an invoice. When you receive their invoice, you will be asked to send the payment to them directly and making the transaction through our system is your only guarantee, THAT’S NOT TRUE: we do not ask people to send the payment to the seller directly, so any email saying that is a scam and you should report it to us. We always use agents, our agents will hold the payment until you receive your item and your 10 Day Money Back Guarantee is over. Please make sure you check your browser after clicking to any links to our website, make sure that the link is exactly like in the picture below:
using the same methods listed above, they steal PayPal accounts which they use to pay for small items on Craigslist, saying that they can’t meet people to make the transaction in person and your item will be a nice gift for their fiance, wife, brother, etc. They will pay using other people PayPal accounts and you ship the items to them, they will offer to pay more to cover the shipping fees you will pay from your own pocket. The same method will be used for fake cashiers checks, they will send you checks for your items and when you will try to cash your check you will probably be arrested. For all these scams listed above, you can be held responsible because it is your Craigslist account, your PayPal account or your check they will be using. These can be stopped by being careful where you enter your Craigslist account and password, PayPal account, etc. Sell2Pal will never send you an e-mail asking for your Craigslist password or PayPal account information.
Below we have listed other tips to make sure you will stay safe when browsing online or using our service:
- Watch out for “phishy” emails. The most common form of phishing is emails pretending to be from a legitimate retailer, bank, organization, or government agency. The sender asks to “confirm” your personal information for some made-up reason: your account is about to be closed, an order for something has been placed in your name, or your information has been lost because of a computer problem. Another tactic phishers use is to say they’re from the fraud departments of well-known companies and ask to verify your information because they suspect you may be a victim of identity theft! In one case, a phisher claimed to be from a state lottery commission and requested people’s banking information to deposit their “winnings” in their accounts.
- Don’t click on links within emails that ask for your personal information. Fraudsters use these links to lure people to phony Web sites that looks just like the real sites of the company, organization, or agency they’re impersonating. If you follow the instructions and enter your personal information on the Web site, you’ll deliver it directly into the hands of identity thieves. To check whether the message is really from the company or agency, call it directly or go to its Web site (use a search engine to find it).
- Beware of “pharming.” In this latest version of online ID theft, a virus or malicious program is secretly planted in your computer and hijacks your Web browser. When you type in the address of a legitimate Web site, you’re taken to a fake copy of the site without realizing it. Any personal information you provide at the phony site, such as your password or account number, can be stolen and fraudulently used.
- Never enter your personal information in a pop-up screen. Sometimes a phisher will direct you to a real company’s, organization’s, or agency’s Web site, but then an unauthorized pop-up screen created by the scammer will appear, with blanks in which to provide your personal information. If you fill it in, your information will go to the phisher. Legitimate companies, agencies and organizations don’t ask for personal information via pop-up screens. Install pop-up blocking software to help prevent this type of phishing attack.
- Protect your computer with spam filters, anti-virus and anti-spyware software, and a firewall, and keep them up to date. A spam filter can help reduce the number of phishing emails you get. Anti-virus software, which scans incoming messages for troublesome files, and anti-spyware software, which looks for programs that have been installed on your computer and track your online activities without your knowledge, can protect you against pharming and other techniques that phishers use. Firewalls prevent hackers and unauthorized communications from entering your computer – which is especially important if you have a broadband connection because your computer is open to the Internet whenever it’s turned on. Look for programs that offer automatic updates and take advantage of free patches that manufacturers offer to fix newly discovered problems.
- Only open email attachments if you’re expecting them and know what they contain. Even if the messages look like they came from people you know, they could be from scammers and contain programs that will steal your personal information.
- Know that phishing can also happen by phone. You may get a call from someone pretending to be from a company or government agency, making the same kinds of false claims and asking for your personal information.
- If someone contacts you and says you’ve been a victim of fraud, verify the person’s identity before you provide any personal information. Legitimate credit card issuers and other companies may contact you if there is an unusual pattern indicating that someone else might be using one of your accounts. But usually they only ask if you made particular transactions; they don’t request your account number or other personal information. Law enforcement agencies might also contact you if you’ve been the victim of fraud. To be on the safe side, ask for the person’s name, the name of the agency or company, the telephone number, and the address. Get the main number from the phone book, the Internet, or directory assistance, then call to find out if the person is legitimate.
- Job seekers should also be careful. Some phishers target people who list themselves on job search sites. Pretending to be potential employers, they ask for your social security number and other personal information. Follow the advice above and verify the person’s identity before providing any personal information.
- Be suspicious if someone contacts you unexpectedly and asks for your personal information. It’s hard to tell whether something is legitimate by looking at an email or a Web site, or talking to someone on the phone. But if you’re contacted out of the blue and asked for your personal information, it’s a warning sign that something is “phishy.” Legitimate companies and agencies don’t operate that way.