Phishers Launch Targeted Attacks on CareerBuilder.com
A network manager said his engineering company was recently fighting phishing attacks that tried to lure with false online resumes on CareerBuiler.com. Phishers were launching targeted scams from the job recruitment site.
CareerBuilder.com had been collecting personal information consisting of contact details such as e-mail ids from its users to provide them with the latest about job postings and services catering to their interests. This collection was also to ensure efficient and effective operation of the site.
Marc Cote, manager of network services at an engineering firm in Midwest said his company regularly posted job openings on CareerBuilder.com. Recently, Cote got clues that phishers were exploiting the online job site with malicious attacks. Techworld.nl published this in news on March 13, 2007.
Cote supplied a phishing e-mail to Network World as an example of the attacks. It included a covering letter with a fake signature. The letter said that the applicant wanted to join as an employee and since the company didn't respond to his faxed resume, he was posting it via a link connected to a website.
An attacker typically sends e-mails to company managers searching job applicants asking them to go to a website via an attacked link to peruse a resume. On clicking the link, there is an attempt to execute a Trojan that compromises the computer, Cote added.
Cote further said that his unit had deployed filters on its computers to block those phishing websites as soon as they discovered them. It had also started spreading awareness among corporate managers about the latent problem.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 28-03-2007