So phishing is pretty sophisticated these days. I’m used to receiving emails from princes in Nigeria asking me to help them unlock their funds. I’m used to dumb emails coming to me with ridiculous grammar mistakes, poor spelling, and loaded with links trying to get me to click on them – I call them stealth spam. Some spam I actually respect – they are clearly advertisements. Well, I am searching for some apartments in New Haven right now and I was cruising Craigslist this morning. I spent an hour or so pouring through the listings, checking addresses to make sure they are close to where I want to live (Union Station/Yale) and sent out a couple inquiries via email.
I received responses on both inquiries, actually telling me to go to a website and get my own free credit report with the score and bring it to the showing. I’ve written each of the senders back and haven’t receieved a reply yet. I got suspicious, so started checking for phone numbers – nothing. One of them claims to be from a rental group (krtrentalgroup.com) and the website conveniently says “Home page is temporary down for maintenance.” The email did include a couple links for me, though. One to an application, and another to a PHP scripted website that will allow me to also get a free credit report. So I go there (I have scripting blocked on my web browser, so I feel relatively safe) and find it leads me to National Credit Report (.com) (affiliate ID affID/1119… I’m reporting you, you bastard(s)!)
I believe I’m the victim of a couple elaborate scams to get me to go sign up for a “free credit report”. Don’t fall for it, folks. A renter or rental agency will charge you an app fee to run their own credit check on you. In any event, the government does mandate that your credit reports are offered to you annually for free. Here’s a link to the Federal Trade Commission’s website regarding the credit report. Please the page! The correct, and only government-mandated service, is located at Annual Credit Report.
So, no awesome apartments that “are going to rent soon, act now…”. *sigh* These kind of lures are falsely advertising that they have rentals available – I believe that’s illegal. The good thing about being led to an affiliate ID is that National Credit Report has payment details to send the checks to. Assuming National Credit Report is actually a legitimate business.
July 30th, 2009 at 10:52 am - Edit
So one of the links I followed did have my email address. It sent me some information about how to get a free credit report (again) from a different website. Now, I’m not concerned about how they got my email address (I emailed them, remember?). The funny thing is, it says the request was generated from IP: 124.217.253.122
Date: July 30, 2009 11:37 EDT. the time is right, but the IP address is not my computer (remember I don’t allow scripting to run on my web browser) so the “request” was done as part of the web link I was being passed to. Funny. An rDNS lookup tells me the geolocation of that address is in Malaysia! Bastards!