A new scam site has been found: That’s right, its, not The misspelling of “Craigslist” in the domain name is deliberate. This site looks just like the now defunct scam site, which we reported on March 14th. Like that old site, it uses your credit card information to sign you up for the porn site

The ISP for is Leapswitch Networks. If you’ve received a scam message for this site, send a complaint to them at, and also send a complaint to Include the headers of the message with your complaint. Also, send a complaint to the ISP that was used to send you the message. Read our instructions on sending complaints to ISPs for more information.

UPDATE 5/14/11
Ishan Talathi of Leapswitch has left a comment on this post informing us that Leapswitch has suspended the website and that the new ISP for it is Worldstream. Your complaints should now be sent to is another fake “safe dating” site that asks you for your credit card number to verify your identiy. Like several other sites we’ve come across recently, this one uses your credit card number to sign you up for the porn site

Click to enlarge

Notice a couple things on the site’s home page. First, it says that if you want to meet people on the site that “a quick 30 second verification process will let you talk to them safely through our approved contact system”. supposedly maintains a database of known sex offenders. Well, guess what? There is no such organization as

Second, the sign up form is contained in a frame. That frame’s content comes from

Click to enlarge’s ISP is Romania Data Systems. If you’ve been targeted by this scam and you’d like to help get this site shut down, then send a complaint to Also, you should find out the ISPs used for sending you the scam messages and send complaints to them, too., and

Here are some messages from Amy of, another CraigsSecure scam site that was just created a few days ago. This is yet another fake verification site that asks you for your credit card information and uses it to sign you up for the porn site If you look at the page source for, you will see that all it does is use a frame to get content from another site, Scammers often use multiple domains for a scam site in this way.

Yes I am an actual person. haha. I hope you are too.

I just wanted to say I’m not interested in any long term commitments, just some sexual activity with a capable person.

Here is a picture. I hope you like it. I would prefer not to share too much information that is personal until I get to know you. I hope you understand. Explain more about yourself..

Hi, glad to see you replied.

Here’s additional information on me, I’m completely clean. you have to be also, protection is required.

you can find me on my page, since I don’t want the risk of some body I know to see my email with all of this stuff. This is my personal page:

Hit me up with a private message saying when you’re free, and if you want to get to know eachother better at your place or my place, or in another place you have in mind. The site will require login and needs your credit card to verify you are legal. Well, speak with you today I hope once I get back

Let’s look at the headers for the second message. Here they are, with the recipient’s name and email address removed. Look at the parts that are highlighted.

Delivered-To: *****
Received: by with SMTP id h1cs217972ybd;
Thu, 28 Apr 2011 07:33:39 -0700 (PDT)
Received: by with SMTP id o45mr4437364yhm.330.1304001219652;
Thu, 28 Apr 2011 07:33:39 -0700 (PDT)
Received: from ( [])
by with ESMTPS id 22si6055883yhl.249.2011.
(version=TLSv1/SSLv3 cipher=OTHER);
Thu, 28 Apr 2011 07:33:39 -0700 (PDT)

Received-SPF: neutral ( is neither permitted nor denied by domain of client-ip=;
Authentication-Results:; spf=neutral ( is neither permitted nor denied by domain of
Received: from [] (port=1512 helo=zap-server)
by with esmtpa (Exim 4.69)
(envelope-from )
id 1QFSHi-0004Xi-9u
for *****; Thu, 28 Apr 2011 09:33:38 -0500

MIME-Version: 1.0
Date: Thu, 28 Apr 2011 07:33:10 -0700
X-Priority: 3 (Normal)
Subject: *****
From: “amy”
To: “*****”
Content-Type: multipart/alternative;
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname –
X-AntiAbuse: Original Domain –
X-AntiAbuse: Originator/Caller UID/GID – [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain –
X-Source-Sender: (zap-server) []:1512

The sections highlighted in red and blue are the “Received:” headers. These headers, along with the “X-” headers at the bottom are the most useful ones for determining who actually sent the message. They show the various servers and email accounts that were used for sending it. Even though the sender’s address is a Gmail address, the message was routed through two other servers before it got to the Gmail server.

The “Received:” headers should be read from bottom to top. The first of them, highlighted in blue, shows that the message was first sent from a machine with the IP address to Above this we have an “Authentication-Results:” header and a “Received-SPF:” header, neither of which concern us. The second of the “Received:” headers, highlighted in red, shows that the message was then sent from (IP to So the scammer routed the message through two machines before it was received by Gmail.

Now that we know the IP addresses of the servers that were used for sending this message, we can look up the ISPs for those servers and send them complaints. A good site for looking up this information is (Note: The site CQCounter is picky about this URL. It requires that you include that very last slash in the URL, otherwise it can’t find the page.)

Using this site, we see that the ISP for is and that the ISP for ( is The email addresses to which you should send complaints then are and

UPDATE 5/18/11
Someone has reported another site being used for this scam: Just like, loads its content from in a frame. The ISP for is Netelligent. If you receive a scam email asking you to visit this site, then send a complaint to Also send a complaint to the ISP that was used for sending you the scam email. To learn how to do this, read our instructions on sending complaints to ISPs..

UPDATE 5/10/11 is also being used for the scam. It loads its contents from, just like the other sites mentioned. is a clone of, a site we’ve already reported. This site does not provide any sort of dating verification service, it has no members, and there are no people on it to meet. It is a scam used to fool you into signing up for the porn site After you fill out the sign-up form on, you get taken to a page on

Click to enlarge

This is the fine print on the order form above:

+ You are entitled to free lifetime access as a basic member without any charge or further participation. Additionally, free premium access* will be granted at no charge provided you complete an online profile and confirm your information within two days, otherwise this membership will recur monthly at 39USD until cancelled. is hosted by LeaseWeb. Forward any scam messages you receive for that site to and make sure to mention that is known to be a scam site. Be sure to include a copy of the message headers.

UPDATE, 4/25: One of the fake identities used for this scam is Vicky Lattore and her profile page on the site is
Another of the fake identities is Diana Richardson who has this profile is yet another site pretending to offer the CraigslistSafe verification service. Someone posted a m4w ad on Craigslist and received this reply from “Elizabeth Babicke” (

hey I saw your ad and would love an occasional hookup get back to me.

After he replied to her, he received this message:

hi again are you free right now totalk?
i screen so do this for me and message me on there
cant stay on much longer though

talk to ya soon,

The securedate link in the message points to

The sign up form is contained inside a frame. When you look at the source code for the frame you see that it comes from, a porn site.

Source for sign up form

Again, there is no CraigslistSafe verification service. is not a dating site, it’s just a scam used to sign you up for porn sites and the scammer who owns gets a commission for each person he signs up. Anytime a site asks to use your credit card to verify your identity, it’s a scam like this one.