Friday, August 24, 2007 - Page updated at 02:08 AM
E-mail article
Print view Share:
Digg
Newsvine
Online job seekers become prey
Information
Monster.com's detailed precautions: help.monster.com/besafe
Share your story
If you've been victim to online data fraud on Monster.com or any other Web site, let us know. Contact The Seattle Times at 206-464-2204 or by e-mail at newstips@seattletimes.com
Monster Worldwide acknowledged Thursday that intruders swiped sensitive data for at least 1.3 million job seekers from its popular employment Web site.
Using e-mail addresses, phone numbers and other personal information harvested from Monster.com, hackers have posed as potential employers or as the Web site itself in a bid to hustle the victims' bank-account numbers and passwords.
The intruders also have used e-mail come-ons and pop-up ads pitching job-finding services to persuade victims to click on a tainted Web link. Clicking on the link results in an error message and turns control of the computer over to the intruder, said Don Jackson, virus researcher at security firm SecureWorks.
Monster.com said it shut down the "rogue server" where the stolen data was stored and that only names, addresses, phone numbers and e-mail addresses were found. It declined further comment, saying it was cooperating with law enforcement.
However, security experts said the rogue server likely was only one of dozens used to steal and store data in an elaborate theft campaign that has been operating since May.
There could be many more than the 1.3 million Monster patrons whose personal information has been breached, and there is little stopping the intruders from continuing the attacks, said Robert Sandilands, chief researcher at security firm Authentium.
"It is a very good first step by Monster," Sandilands said. "There will have to be more changes to prevent this from happening again. This was a smaller part of a much bigger operation."
The scheme came to light after computer-security firm Symantec reported on its Web site that it had found a hoard of 1.6 million personal records, including duplicates, stolen from Monster.com on a computer in Ukraine.
By Wednesday, Monster had posted a warning on its online "security center" that scam artists were sending bogus job offers to try to obtain bank-account information.
Monster said Thursday it would warn each victim by mail.
Symantec told Monster of the problem Aug. 17. Vice President Patrick Manzo said Monster waited five days to tell users of the intrusion.
"In terms of figuring out what the issue was, that was a relatively quick process," he said. "The other issue is, you want to make sure exactly what you are dealing with."
![]()
Infected computers are being incorporated into "zombie" networks to spread e-mail spam, deliver more infections and collect and store stolen data. Meanwhile, all information typed by the computer user into the Web browser, including usernames and passwords for online accounts, is collected.
Jackson, of SecureWorks, tracked down several servers being used to store data collected over time from victims' browser activity, including Social Security numbers and other data. One such storage unit held rich data for 46,000 individuals, he said.
The hackers appear to have used such data to log in to a job recruiter's Monster account and order contact information for 1.3 million job candidates.
That data, in turn, was used to target known job seekers for e-mail scams touting Monster's services.
Some Monster users said Thursday they had seen such e-mails as far back as February. Manzo said Monster had noticed e-mail attacks on customers eight or nine months ago but didn't have concrete evidence of improper access until the past week.
While multiple malicious programs are in use against Monster and its clients, Symantec said they all appeared to be written by the same band of thieves.
The attack has been so effective that security experts expect it to be tried at other employment sites. Social- and business-networking sites are also susceptible, they say.
"The advice to just stay out of the dark corners of the Internet really doesn't hold water anymore," said David Cole, director of the Symantec Security Response team. "The bad guys are going to legitimate Web sites and attacking people."
The security breach is notable because of its complexity and size. Average computer users have grown accustomed to ignoring fraudulent come-ons for their bank accounts that purport to be from the likes of PayPal or Citibank.
But the Monster scheme is more convincing because e-mails sent by the scammers include personal information about victims such as their cellphone numbers and street addresses.
Patrick Martin of Symantec said the sham job pitches were especially effective because Monster users were hoping to hear from strangers.
Material from Reuters was included in this report.
Copyright © 2007 The Seattle Times Company

entertainment

events for Tuesday, Dec. 2nd
- Eagle Eye (Movie)
- High School Musical 3: Senior Year (Movie)
- UW Music: Carol Fest (Classical music)
editors' picks
More shopping guidesUPDATE - 04:40 PM
Big Three survival bailout requests rise to $34B
WaMu to lay off 3,400 in Seattle; bank to empty most of its leased space downtown
UPDATE - 05:47 PM
Entellium files for bankruptcy protection
Clearwire makes its WiMax broadband brand Clear
Delta details planned capacity cuts
- JPMorgan cutting 3,400 Seattle jobs
- WaMu to lay off 3,400 in Seattle; bank to empty most of its leased space downtown
- College Football | With UW, Pat Hill says he had "great" talk
- Cougar fans nip at request for Husky Stadium funds
- US cruise ship outruns Somali pirates' guns
- Wal-Mart worker trampled to death by frenzied Black Friday shoppers
- UW to get close look at Jeff Tedford
- Boy's archery death accidental, coroner says
- Star Times | Football: Offense
- Bush: `I'm sorry' the economic crisis is occurring
- JPMorgan cutting 3,400 Seattle jobs
- WaMu to lay off 3,400 in Seattle; bank to empty most of its leased space downtown
- Canada's oil-sands boom creates vast riches and a dirty footprint
- Meteorologist Cliff Mass examines Pacific Northwest weather in his new book
- UW uses artwork to help sharpen visual skills of future doctors
- Wal-Mart worker trampled to death by frenzied Black Friday shoppers
- Recycling fees may rise as demand, prices drop
- Cougar fans nip at request for Husky Stadium funds
- Gregoire looking at massive state budget cuts
- 2 homeless women back on their feet for Seattle Marathon
