MONSTER.COM CREATES A FRANKENSTEIN
It started out on Aug. 21, when Matt Chapman at Vnunet.com announced that hundreds of thousands of recruitment hopefuls on Monster.com had had their personal details stolen. Symantec discovered the website had been attacked, and advised Monster on Aug. 17. Customers weren’t notified until Aug. 22, one day after Chapman broke the story, according to an article in MSNBC.com. However, Monster then upped the ante to 1.3 million job seeker records lifted. The information stolen included name, home and work address, e-mail address, mobile and home phone numbers. Now why would the crooks be interested in this private information that doesn’t include at least one of the two main ingredients for ID theft: Social Security number, or date of birth? Because it is probably just as lucrative, and easy, to use the e-mail addresses for phishing scams to prey on unwary job candidates, particularly in the name of Monster.com. And with the sensitive data that was stolen, it is very easy to get your SS# and DOB on the Internet anyway. MSNBC even reported that some Monster users had already received spam asking for financial information. In an Associated Press piece on USA Today, the word is the bad guys hustled passwords from recruiters to do their dirty work. They took resumes and “used information on those documents to craft personalized "phishing" e-mails to job seekers.” This event once again emphasizes why it is so necessary to protect all of your private information, especially now when the phishers have become ultra sophisticated in designing their sites to look identical to the original. However, even in these phishing schemes—as well as several other types—your sensitive data would be safe if you were in control.