Python Expert Makes Life A Living Hell for Craigslist Scammer

Read time: 3 min.

Table of Contents

While the Internet is a place full of scammers, YouTube is also a mega video sharing platform filled with experts from different niches, software engineering included. In this particular case, a random scammer has met his or her match – a software engineer and YouTuber named Engineer Man

“Some silly Craigslist scammer thinks he’s gonna pull a fast one on me? I don’t think so. Time to waste his time and for you to learn something with this new Python video.”

Engineer Man described that he received a bogus URL from the scammer via text and wasted no time into devising the best comeback he could come up with to retaliate against this scam attempt: Send a bunch of fake email and passwords over and over.

He then went ahead with his “trusty” Chrome Console to search for its request URL and start to generate the email list by googling “1000 most popular baby boy names” and Python. 

You can watch the rest of the process here:

Although the process seems to be really complex and cool, some have pointed out the flaws in his strategy. 

Legend of the Stormlord

Unless you have that thing running all the time (looping), then your requests will all basically be in one giant block with 8 character passwords. It would be easy for him to crop them out. It would be better to kick them out slower with a bigger name base that’s more randomized with passwords that are better randomized (including length). And run it constantly.

Landon J Powell

Seriously. It’d take 30 seconds to make a regex that’d clean this sh*t up.

Emails are all in this format: /[a-z]*\d@yahoo\.com/g
Passwords are all in this format: /.{8}/g

If he’s got the know-how to make a phishing page, he’s got the know-how to make a regex that fixes your sh*t.

SpinxasIt

Not sure if anyone mentioned, but you could have tried SQL injection, as he might not be escaping it. Could blow up the whole database if you wanted to.

 

So yeah, the showing who’s boss using Python tutorial is not the best one to get back at a phisher, but Engineer Man probably did not want to use an SQL injection either and upload a video of himself committing a crime on the Internet.

It is important to distinguish between sending a chunk of fake logins to be annoying and attacking the database.

The “I could have done it better” comments that critiqued on Engineer Man’s video also sprung up a few jokes and politically right answers.

Bruce Webster

Great video. 🙂 Reading through the comments, I’m reminded of the classic joke: Q: How many programmers does it take to change a light bulb? A: 35. One to actually change the bulb and 34 to say after the fact, “I could have done that better.”

 

BPNave

Yes, there are better ways to do it. Yes, you should share them here. No, you shouldn’t berate Engineer Man for not doing them. He did 90% of the work that cost 10% of the time here. He isn’t going to turn his 5 minute video into half an hour just to squeeze out that last 10%. It’s a proof of concept, people.

 

Related:

Watch Jack Ma’s Original Sales Pitch in 1999 (Alibaba Story)

iPhone XS and iPhone XS Max: The Best reactions

NTU Student reveals why top SG students go to Universities in the US/UK when NUS/NTU are highly ranked

Building a real Iron Man suit, from an engineering perspective? Are we close?

This post is also available in: 简体中文 (Chinese (Simplified)) Deutsch (German) 한국어 (Korean) Melayu (Malay) Español (Spanish) ไทย (Thai) Tiếng Việt (Vietnamese)