News

Monster.com users targeted by CV phishers

Antony Savvas

Monster.com users targeted by CV phishers

McAfee has discovered a new phishing scam targeting users of jobs site Monster.com.

The scam targets both job seekers and recruiters using Monster.com. E-mails asking users to click through and update their profile appear to be linked to Monster.com, but can be traced back to a bot computer in Turkey.

McAfee said the scam is most likely to impact recruiters, with the perpetrators trying to gain access to their accounts and consequently to hundreds or even thousands of CVs.

McAfee said CVs offered fraudsters a potential gold mine of useful information.

Greg Day, a security analyst at the company, said, "With the news full of stories about the credit crunch, leading to concerns about potential job cutbacks, many people are looking to the internet to find potential employment opportunities and see what's available to provide some reassurance in the current climate.

"Unfortunately, scammers are getting wise to this, as we have seen with a recent influx of phishing attacks looking to steal personal details by gaining access to online job hunting profiles or tempting victims with information of potential job openings."

In August 2007, more than 1.3m users' details were stolen from Monster.com when its system was compromised using two servers at a web hosting company in the Ukraine.

More recently, Monster.com and other leading sites have been targeted by the Russian gang "Phreak", which extracted data from CVs using an identity harvesting tool.

Further information on the latest Monster.com attack >>

Data breaches - the legal aftermath >>

Monster hack sees 146,000 government job applicants' records taken >>





Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy