Craigslist, the popular online listings service, has waged a long fight against scammers, but a new academic study suggests it's been losing the battle.
The study focussed on listings for housing rentals, and found that Craigslist failed to remove a majority of those that were fraudulent.
The researchers analyzed two million ads over a five-month period in 2014 and determined that Craigslist had flagged and removed fewer than half the listings that likely weren't genuine.
Looking for housing can be stressful, and people are vulnerable to schemes that advertise below-market pricing or ways to get ahead of the rental game.
Victims sometimes proceed even if a deal looks too good to be true, convinced by confident reassurances from the scammers, said Damon McCoy, an assistant professor in the Computer Science and Engineering Department at New York University and one of the study's authors.
"By the tens of thousands of ads that we found, [the scammers] are clearly successful at making money," he said in an interview Tuesday.
The study is due to be presented at the Financial Cryptography and Data Security conference in Barbados next week.
Craigslist didn't respond to emails seeking comment. The site has long published guidance to help its users avoid scams. It warns people to be suspicious of ads that involve wiring funds over Western Union, and says face-to-face transactions will help avoid most problems, among other tips.
To sort legitimate ads from fakes ones, the researchers looked at data including IP addresses, common bank account numbers and email addresses. They also looked for similarities in the content and templates used for ads.
They wrote a bot that engaged advertisers via email, and even filled out templates used for rental applications to help identify scams. That method worked -- for a while.
"At some point, the scammers got wise to us and they began changing the template," McCoy said.
One of the most common scams involves credit reports. A con artist places a fake rental ad and, if a victim responds, directs them to pay for a credit report. If the victim pays, the scammers collect a commission.
In another scam, rental listings from other real estate websites were cloned and advertised on Craiglist. But the rental cost was lowered to a below-market price, McCoy said. The scammers asked for a wire or bank transfer to cover a deposit and the first month's rent. The researchers determined that most of those scammers were in Nigeria, with some in the U.S.
Another scam involved selling lists of rent-to-own or pre-foreclosure properties. The lists often included properties that aren't available or had suspiciously low prices. The researchers urged regulators to look into companies that provide these lists, and they named a few in the study.
They found more than 8,000 ads for these lists on Craigslist, and said the service flagged only 57 percent of them.
Overall, Craiglist failed to flag 47 percent of the rental ads that were probably scams, and for those that it did identify, it took a long time to flag them.
Of the listings cloned from other real estate websites, 60 percent stayed up for 10 hours, and 40 percent remained online for more than 20 hours -- plenty of time to catch some victims.
McCoy, who also co-authored a paper on another type of Craigslist scam, said the researchers reached out to Craigslist but received no response.
"It'd be great to work with them and try to improve the situation," he said.
The study's other authors were Youngsam Park of the University of Maryland and Elaine Shi of Cornell University.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.