If you receive a job offer purporting to come via Monster.com, think hard before you respond to it. Hackers using Ukraine-based servers and a Trojan Horse known as Infostealer.Monstres , stole names, addresses, phone numbers, email addresses and resume ID numbers belonging to over 1.6 million users (almost all in the US) of the popular job-hunting site. The server's been shut down , but as usual, the horse (in this case, a Trojan Horse), is already loose.
[ Correction on 08-27-07: Because of duplications, the 1.6 million number referred to in the previous paragraph refers to records, not separate individuals (some of whom have more than one record at Monster.com). However, even when duplicates are considered, several hundred thousand job-seeking users have had their information compromised by this data theft- MS]
The Infostealer.Monstres malware program stole login information used by legitimate job recruiters. Once the hackers could access the job recruiter section of the Monster.com website, grabbing the information they wanted was easy.
If that was all the hackers were after, it would be a lot of effort for a paltry return. However, Symantec, which tipped off Monster.com that it was under attack, also discovered the real objective of the data theft: a classic identity-theft scheme with a couple of twists.
If you get an email purporting to be from a job recruiter via Monster.com, but asking for bank account information or similar financial data, don't reply to it: it's actually coming from the hackers who engineered the data theft. Give it up, and watch your money disappear.
Even if all you do is click links in the email, your problems are just beginning. According to a report in Computerworld , the fake emails contain links to two pieces of malware:
According to Symantec's writeups, these threats, by themselves, are not difficult to contain or remove. The problem is that they are concealed inside an official-looking email from a trusted source (in this case, Monster.com). If your system is not running up-to-date antivirus software and you click the link - you're in trouble.
Sadly, this latest breach of computer security shows the dark side of the interconnected nature of today's technology: a weak spot in some PC users' security (in this case, some recruiters using Monster.com) can be exploited to attack both those users and many, many others. As always, it pays to think before you click .