NATO Job Offer Virus-Borne E-mail Scam Spotted
Webroot the security company is warning about cyber-criminals who're enticing gullible Internauts into divulging extremely private information and also infecting their computers, by telling they could get lucrative jobs worth large salaries at the main office of North Atlantic Treaty Organization (NATO) via dispatching applications.
It maybe noted that NATO is a signed agreement between governments for defense cooperation, on the back of the North Atlantic Treaty, while coming into existence on April 4, 1949.
The application procedure requires completing one NATO Employment Application Form along with an interview form, both actually a fake. The forms solicit information that's highly personal as also extremely sensitive, including name and address, birth-date, mobile phone and landline numbers, marital status, details about kids for those having any, e-mail id, education, job history, other expertise etc.
There are also things asked such as regarding security clearance, the prospective worker's date-of-expiration along with information about whether the applicant has any military else civilian family member presently employed at NATO.
Moreover, probable individuals applying would as well require supplying all information about their whereabouts in foreign countries like countries visited, dates of visit and reasons for the same.
And if duped Internauts send the application form, they get an encouraging e-mail from NATO, telling they can now communicate with the training institute's Director over electronic mail at email@example.com or firstname.lastname@example.org and get themselves registered and obtain the training details.
But, Security Researcher Dancho Danchev at Webroot says, response by the nspa-nato.int.tf and usnato-hr.org domains, mentioned above, happen to the Internet Protocols, to which several bogus domains too do such as those impersonating FBI, PayPal, eBay along with others, with all diverting onto websites harboring the BlackHole attack toolkit or some more client-side attack codes. Help Net Security published this during the 4th-week of May 2013.
Unfortunately, anyone using the above stated ids will be led onto the exploitative bogus URLs from where they'll solely download malware.
Danchev does not state if the scam targets particular individuals or is widespread, however, he concludes, the bogus employment opportunities probably are meant for selecting undesirable applicants, therefore, it can actually be described as targeted.
» SPAMfighter News - 31-05-2013