Posted under Online Identity on August 22nd, 2007
News articles have reported another scam targeting people whose resumes were posted on Monster. Because of a security breach, the contact information from millions of resumes was captured, in particular, the email addresses. People who have posted resumes receive a “phishing” email that appears to come from Monster and encourages people to install some job-search software. People then receive either of two harmful programs. One enables the thieves to record passwords when the user performs online banking transactions, thus providing the thieves with access to people’s bank accounts. The other program locks important files so the user can’t access them until paying a “ransom” fee of $150 to unlock the files.
The source of the security breach appears to be from one of the employers that uses Monster and not from Monster itself. Nevertheless, if you have a resume on file with Monster, be on the lookout for a bogus message from Monster and don’t install the alleged job-search software the message promotes.
As always, caveat emptor.
Posted by Wendy Gelberg
Print This Post