This is cache of http://feeds.feedburner.com/~r/itsecurity/~3/290689066/. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Major Career Web Sites Host Email Harvesters
2008-05-14 12:01:07 by Editor in IT Security - The IT Security Industry's Web Resource
 

Career search sites like Monster.com and CareerBuilder.com are popular with all sorts of people in the work force, looking for all kinds of jobs — which might be why they’re also so attractive to black hat hackers who can take advantage of their mass appeal and attack their audience with spam and malware. In addition, job seekers who want to appeal to employers are also putting up a lot of personal information, making them easy targets.

One current email harvest kit is said to be currently attacking the following job search sites, according to an article on ZDnet:

Ajcjobs.com; CareerBuilder.com; CareerMag.com; ComputerJobs.com; HotJobs.com; JobControlCenter.com; Jobvertise.com; MilitaryHire.com; Monster.com; Seek.com.au

This kit has some unique features with a lot of customization capabilities, such as:

has a built-in proxy/socks functionality
allows hackers to target users from specific regions
attempts to recognize CAPTCHAs, and when it can’t, relies on registered users who have done so

The article itself is a tough read, but has more info about this exploit. It’s good to be aware of, if you or anyone you know are looking for jobs on these sites.

 
Tags: sites, black hat hackers, hackers, mass appeal, appeal, built-in proxysocks functionality, users, job seekers, job
 
 
 
 
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia