Monster.com Subjected to Phishing AttackAccording to McAfee, vendor of software security, a phishing campaign is targeting visitors to the job site - Monster.com. The scam is targeting recruiters as well as those seeking jobs. According to Researchers at McAfee Avert Labs, the phishing scam involves an e-mail that asks recipients to click on a given link and provide their current profile information for Monster.com. However, the link actually connects to a Turkish botnet. According to Greg Day, Security Analyst at McAfee, scammers are experimenting with increasingly sophisticated and diverse techniques to collect information that could yield financial rewards, as reported by SCMAGAZINE on July 15, 2008. Describing the phishing scam, Dave Marcus, Director of Security Research and Communications at McAfee Avert Labs, said that the scam seemed to entice job seekers to provide their usernames and passwords onto a fraudulent site. The idea behind the scam is to obtain personal information like date of birth and Social Security numbers of the user, as reported by SCMagazineUS on July 15, 2008. Meanwhile, as per security analysts, in the current situation of job cutbacks, people are largely searching the net to try and find alternate employment opportunities and also see what exists to provide them solace in the present climate. Further, according to the analysts, scammers are taking advantage of this situation as is evident from a recent inflow of phishing attacks that tried to steal users' private details by wrongfully accessing to the profiles of online job seekers or by tempting the possible victims with job information. Also, as per an 'Online Fraud Report' by RSA, extracting data from victims via phishing attacks become much easier through phishing kits that directly transmit data to the phisher's server. Apart from this, the Russian "Phreak" gang in the 2nd week of July 2008 targeted Monster.com and other leading job sites to extract information from people's resumes using a tool that harvested identity. Meanwhile, the current phishing attack on Monster.com is not the only security incident. In August 2007, more than 1.3 Million users' data were stolen when a fraudulent operation from two computer servers at a Ukraine-based web-hosting firm had compromised Mosnter.com. Related article: Minnesota To Make Amendments in its Cybercrime Laws ยป SPAMfighter News - 8/2/2008 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
