Saturday, February 24, 2007

Monster lure used to install malicious code

Spoofed (spam) e-mails, claiming to be from Monster (the popular job site) are being used as a lure to install malware on computers.

The good people at Websense are reporting:
Websense® Security Labs™ has discovered emails that attempt to lure users to click on a link in order to upgrade their system security. The emails, which are spoofed from Monster, are written in HTML and claim that Monster systems have been upgraded and that users need to download a certified utility to be able to use Monster. The domain name that the emails point to are using five different IP addresses. Upon connecting to one of the IP addresses, the code is run, several files are downloaded and installed on the user's machine, and another file is downloaded and installed from a server in Denmark. The files appear to be designed to steal end-user information.
Websense alert, here.

Stealing end user information means that anyone unfortunate to have this code installed on their machine could become an identity theft victim.

Clicking on a link from an unsolicited e-mail can be dangerous. Of course, it also pays to have your computer protection up-to-date.

These types of lures to defraud people are known as social engineering. Wikipedia has an excellent article about social engineering, here.

Unfortunately, this isn't the first time a job site has been used as a vehicle to commit fraud.

Criminals often steal personal information posted on job sites, or trick people into giving it up by pretending to offer them a job. Another well known scam involving job sites is where people are recruited to negotiate fraudulent financial instruments (launder stolen money) and wire the money back to their (questionable employers).

Sometimes these financial instruments are outright counferfeits, also.

The Privacy Rights Clearinghouse has information on how to avoid fraud on job sites, here.

2 comments:

Anonymous said...

Why are people so seemingly easily duped into clicking on these?
They must think it's legit, and then their hooked in.
FTGF!

Anonymous said...

what happens if you fall prey? How do you get rid of the files?