Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
US job website Monster.com has suffered an online attack with the personal data of hundreds of thousands of users stolen, says a security firm.
A computer program was used to access the employers' section of website using stolen log-in credentials.
Symantec said the log-ins were used to harvest user names, e-mail addresses, home addresses and phone numbers, which were uploaded to a remote web server.
Symantec said it had seen reports of phishing e-mails sent out to Monster.com users which were "very realistic, containing personal information of the victims".
The e-mail encouraged users to download a Monster Job Seeker Tool, which was in fact a program that encrypted files in their computer and left a ransom note demanding money for their decryption.
"To the best of our knowledge, this is not a hack of Monster's security, rather, legitimate customer credentials are being used to log in to the database," said Patrick W. Manzo, vice president of compliance and fraud prevention at Monster.
It appears that a trojan was used to obtain Monster.com login credentials but that is more of an issue with the personal computers of the employers who have a Monster.com account. Unfortunately Monster.com is going to get the bad PR but it already sounds like they are trying to educate people that the same type of info was harvested that you can get from other public sources like a phonebook. (except of course email address which in this case is the method used to illegal solict the userbase and obviously the bigger issue)
Unless there is more to the story I would have to think this type of problem could occur for any number of websites that offer opportunities for one user to view the profiles of other users. Oh wait....there are HUNDREDS of these types of sites.
InformationWeek: Phony Ad On Job Sites Leads To 100,000 Stolen Identities [informationweek.com]
Security researchers have unearthed the single largest cache of stolen identities, thanks in part to a Trojan stealing the data that has been hidden in a fraudulent advertisement on online job sites like Monster.com.
The data, which includes bank and credit card account information, Social Security numbers, online payment account usernames and passwords, comes from victims who were all individually infected with the Trojan beginning in early May.
The willingness of people to enter whatever a form asks them for will never cease to amaze me...!
I haven't sussed it out... Is this case seperate from the trojan job ads on Monster (and others)? It sounds like it.
InformationWeek: Phony Ad On Job Sites Leads To 100,000 Stolen Identities
I just did fport on my machines and thankfully there isn't anything listening on port 6081 :) (or anything unusual on other ports)
You might well be correct, but for the general public it's going to be a little hard to believe that though. Why did this person go to all the trouble of harvesting info from Monster.com if they could have gotten it all perfectly legally from public sources?
I posted a resume 4 or 5 years ago on monster.com and others, and I can't stop them from sending email. I still get jobs available listings in my local area. On top of that, I get quite a few spams from recruiting agencies.
And every once in awhile there is a barrage of spams related to positions available at Google.
So I suppose a few more jobs available spams won't make much difference.
"...recently posted a job opening on Craigslist and got email bombed..."
Whenever I post on CL, I write "Please respond with your name and phone number and I'll call you ASAP". I use CL quite a bit a find 50% of the email I reply to generates a week of spam.
If I'm selling a car or renting out a room I sometimes put my phone number in the ad and no email (not even the anonymous CL address).
I think CL is a major cause of the drop in profits for Monster. I'm in the Boston, MA area and CL did free posts for everything for a couple years, a few months ago they started charging for JOBS listings --- which had a positive effect and got rid of all the scammers posting "Work From Home" and "Model Wanted" ads, no drop in overall real job listings.
CL definitely hurt the local newspaper "Help Wanted" section and it has to be hurting Monster.
CL is fast, easy to search, no hoops to jump through and people can still post under Gigs and Service (and other areas of CL) as "Work Wanted" or "Services Offered" for free -- I haven't been on Monster in a few years (and used to browse all the time looking for short term contract work), now I check CL and pick-up work there often.