Friday, August 24, 2007

The Monster.com mess

Computerworld has a good update by Gregg Keizer on this developing story.
The last thing you need when you're unemployed is a bank account that's suddenly emptied. But that's exactly what some unwary users of employment search site Monster.com faced after identity thieves made off with the personal information of more than a million people looking for jobs.

This still-developing story has enough nooks and crannies to confuse a gumshoe, but some facts are clear: Monster's resume database was looted, and the personal information taken was used to forge convincing messages that deposited password-stealing Trojans and ransomware on users' PCs.

Calculated and ambitious, the attack is striking for how it blended several elements -- stolen credentials of legitimate users, phishing e-mails, Trojan horses, money mules and more -- into a slick assault. Here's what we know so far.

Labels: , , ,

1 Comments:

Comment by Blogger Andy Hanson:

Way to go, Jim. Very useful info. Glad I'm not looking for a job! Andy

10:22 PM  

Post a Comment

<< NIASAWHIWB Home