Wanderings

Keith P. Graham is a Programmer, Harmonica player and Science Fiction Writer. This blog reflects these and many other areas of interest.


31 August 2007

Infostealer.Monstres

Someone hacked Monster.com. I had closed my monster account over a year ago, but I use USAJOBS to keep an eye on NASA programming positions. (Yes, I still think it would be cool to work for NASA.) USAJOBS uses the monster.com system to manage the government jobs in its database. The USAJOBS database is one of the db's that was downloaded.

I've been getting huge amounts of phishing scam email. Gmail mostly catches it, but once in a while one gets through. It looks like whoever got the data is selling it to the enemy.

For now, it would be best if you ignore any unsolicited job offers in your inbox. DO NOT click on the websites even if the spam filter lets the email through.

Here's an example of the spam:
The qualifications and experiences you've listed on your resume prompted me to contact you regarding an available position we are attempting to fill for a client. Faro Inc. is looking for a Application Engineer and I feel that you may have the attributes they are seeking.

My job title on the USAJOBS db is Application Engineer. One clue that this is mass email is the phrase "a Application Engineer"; notice that it should be "an". This refers me to a site with an official-sounding domain, but there is nothing on the site but a form for me to fill out my sensitive information, including Social Security number.

Here's part of the USAJOBS email:

8/30/2007

Dear USAJOBS User,

Recently, malicious software, known as Infostealer.Monstres, was used to gain unauthorized access to the Monster.com resume database to steal the contact information of job seekers. Monster Worldwide is the technology provider for the USAJOBS website and regrettably, some of the contact information captured came from USAJOBS job seekers.

The information captured included name, address, telephone number, and email address. Monster Worldwide has assured the U.S. Office of Personnel Management that Social Security Numbers were NOT compromised because of IT security shields USAJOBS has in place.

Access to the data was obtained through the use of a private sector Monster customer's computer using legitimate employer credentials. OPM is working closely with Monster to quickly protect the USAJOBS data. Monster Worldwide already has identified and shut down a rogue server that was accessing and collecting the job seeker contact information. Further safeguards are being put into place.

We ask you to remain alert for counterfeit "phishing" emails that may appear to come from Monster.com asking you to click on a link. USAJOBS will NEVER request personal information via unsolicited email (i.e. not a response to an email sent by you). Monster has also assured us THEY will NEVER ask any site users to download any software, "tool" or "access agreement."
