Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    October 2014
    S M T W T F S
    « Sep    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • About Us


    The increase in attacks targeting job hunters calls for more security measures for both of job recruitment sites owners and job seekers alike, especially on the disclosure and access of information being posted by job seekers.

    A service involving a tool that scours through popular US job recruitment sites to harvest jobseekers’ information right from their curriculum vitas (CV) is currently being offered by the Russian gang, Phreak, TheRegister reports.

    The tool uses a predefined recruiter ID which it uses to sift through job recruitment sites like the following:

    • Ajcjobs.com
    • AOL Jobs
    • Careerbuilder.com
    • Careermag.com
    • Computerjobs.com
    • Hotjobs.com
    • Jobcontrolcenter.com
    • Jobvertise.com
    • Militaryhire.com
    • Monster.com

    Acquired data from CVs are then returned as a Web form to the users of the tool, displaying information such as names, home addresses, and email addresses. Phreak reportedly charges $600 for the data, which will most likely be used for targeted phishing attacks.

    Job hunters are well becoming frequent targets by malware authors, with popular job recruitment site Monster.com being defaced and also being frequently used for phishing attacks. More recently, a spam posed as a CareerBuilder job offer to entice recipients on sending their CVs to a certain email address.

    Threat Analyst Jasper Pimentel advises job seekers to limit the information on curriculum vitas to the necessary information only. It would also be helpful to setup a separate throw away email account for situations as such, where email addresses may be disclosed publicly.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice