I wasn’t aware of it but Monster’s database was recently hacked and confidential information about Monster’s jobseekers, such as email addresses and phone numbers, fell into the hands of phishers.
Phishing is the technical term given to attempts to ‘withdraw’ information such as bank account numbers by using bogus email addresses and fake websites to trap users. If you have ever received an email from a Nigerian Prince (haven’t we all at this stage!) then you too have received a ‘Phishy’ email.
I have an account on Monster and luckily my personal information wasn’t lost but that didn’t stop Monster from mass emailing all their users informing them of the issue and at the same time educating them about Phishing and ways to spot bogus attempts.
For those who don’t have an account on Monster, the opening paragraphs read as follows:
Protecting the job seekers who use our website is a top priority, and we value the trust you place in Monster. Regrettably, opportunistic criminals are increasingly using the Internet for illegitimate purposes. As is the case with many companies that maintain large databases of information, Monster is from time to time subject to attempts to illegally extract information from its database.
As you may be aware, the Monster CV database was recently the target of malicious activity that involved the illegal downloading of information such as names, addresses, phone numbers, and email addresses for some of our job seekers with CVs posted on Monster sites. Monster responded to this specific incident by conducting a comprehensive review of internal processes and procedures, notified those job seekers that their contact records had been downloaded illegally, and shut down a rogue server that was hosting these records.
The Company has determined that this incident is not the first time Monster’s database has been the target of criminal activity. Due to the significant amount of uncertainty in determining which individual job seekers may have been impacted, Monster felt that it was in your best interest to take the precautionary steps of reaching out to you and all Monster job seekers regarding this issue. Monster believes illegally downloaded contact information may be used to lure job seekers into opening a “phishing” email that attempts to acquire financial information or lure job seekers into fraudulent financial transactions. This has been the case in similar attacks on other websites.
Fair play to Monster for informing all their users of the issue. They chose not to ignore the issue and they went one better by providing a lot of solid information to their user base.
A lot of financial institutions are on the receiving end of Phishing scams, but they maintain a ‘see no evil, hear no evil’ stance. They simply ignore Phishing scams.
Every now and then AIB or BoI would be in the news regarding hordes of bogus emails sent to their users and each time they simply say ‘We would never email our customers asking them to provide their account details via email’.
Mmmm, I’d love to know how many of their customers get hit and if the banks could actually handle Phishing a bit better by alerting and educating their customers of Phishing attacks?
Maybe they just don’t want to rock the boat?
Monster went on to provide five samples of some of the phishing emails users have received claiming to be from Monster.com. On each sample they highlighted the main elements of the mail to be wary of. These elements include grammar mistakes within the email, asking for your credit card information and requests to download software.
Sample 1
Sample 2
Sample 3
Sample 4
Sample 5
Within the mail they included some more tips:
- Be suspicious of any email with requests for personal financial information.
- Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately.
- They typically ask for information such as usernames, passwords, credit card numbers, national security numbers, date of birth, etc.
- Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic.
- Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
- You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
- Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web browser.
While those tips are all well and good, they forgot to mention the two most obvious ones.
Just because an email comes from @monster.com or @paypal.com doesn’t mean that the email actually came from a Monster/PayPal mail server. It’s simple to spoof an email address. If the email asks you to reply to an address other than the one in the ‘sent from’ field, then it’s more than likely a phishing email.
A lot of phishers use subdomain emails in an attempt to create a false sense of security. So be sure to check if the email address is something similar to info@monster.xyz.com. This email isn’t coming from monster but from xyz.com instead.
The other big thing to check is any website links included in the emails. Again, the Phishers will more than likely use subdomains in order to make the website URL look authentic. Something like your-account.cv.login.monster.com.xyz.com can seem like an authentic link if you fail to examine it closely.
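The two checks above (who the mail really claims to be from, and where its links really go) can be automated. The following Python sketch is an added example, not something from Monster's email; the function names, the sample message and the "last two labels" rule for finding the real domain are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

def registrable_domain(host):
    # Naive assumption: the registrable domain is the last two labels.
    # Production code should consult the Public Suffix List (e.g. for .co.uk).
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def check_message(raw, expected="monster.com"):
    """Return a list of warnings for a raw single-part, plain-text message."""
    msg = message_from_string(raw)
    warnings, brand = [], expected.split(".")[0]
    from_addr = parseaddr(msg.get("From", ""))[1]
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1]
    from_dom = registrable_domain(from_addr.rpartition("@")[2])
    if from_dom != expected:
        warnings.append(f"From domain is {from_dom}, not {expected}")
    if reply_addr:
        reply_dom = registrable_domain(reply_addr.rpartition("@")[2])
        if reply_dom != from_dom:
            warnings.append(f"Reply-To goes to {reply_dom}, From claims {from_dom}")
    # Compare the real domain of every link with the expected one.
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        host = urlsplit(url).hostname or ""
        dom = registrable_domain(host)
        if dom != expected:
            note = " (brand name used as a subdomain)" if brand in host.split(".") else ""
            warnings.append(f"Link points to {dom}{note}: {host}")
    return warnings

# Constructed sample message using the look-alike names from the post.
SAMPLE = """\
From: Monster Support <info@monster.xyz.com>
Reply-To: accounts@example.net
Subject: Verify your account

Please confirm your details at
http://your-account.cv.login.monster.com.xyz.com/verify
or visit http://www.monster.com/ for help.
"""

if __name__ == "__main__":
    for w in check_message(SAMPLE):
        print(w)
```

A message whose From header is forged to read exactly @monster.com would pass the first check, which is why the Reply-To and link checks are done as well.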
If you want to be overly cautious about Phishing, you can download the Netcraft toolbar for IE and Firefox. The Anti-Phishing site might be of use to you too.
2 responses so far ↓
1 paul // Sep 3, 2007 at 2:23 pm
Great post about phishing, some people don’t really have a clue that people would try such things.
2 Cormac // Sep 3, 2007 at 2:32 pm
Cheers Paul,
I wrote a mini thesis around 18 months on Phishing while in college. I got a pretty high grade in it as well (of course!).
Unfortunately I can’t find it anywhere.