Users Get Fake Offers And Request

By Rochelle Garner
Bloomberg News
Thursday, August 23, 2007

Job hunters using, the employment Web site owned by Monster Worldwide, received fake job offers by e-mail that asks for their Bank of America account information.

The e-mail contains personal information collected when hackers tricked customers into downloading a virus in a fake job-seeking tool, according to researchers at Symantec, the world's biggest maker of security software.

Victims of the scam are offered a position as "transfer manager" at an unnamed investment company, Symantec said on its Web site. The role has one unusual requirement: Job seekers must be Bank of America customers and must supply account details. The e-mail contains users' names in a ploy to make the offer seem legitimate.

"They're going after people they know are looking for jobs," said Patrick Martin, a senior product manager for Symantec Security Response. "That gives them the hook they need to tempt people into giving their bank accounts."

Monster Worldwide said it shut down a "rogue" server that was retrieving job seekers' information through unauthorized access of customers' accounts and placed a security alert on the Web site, according to a company statement.

Customers got the virus by following a link in a fraudulent e-mail, Symantec said. The company found 1.6 million files, including duplicate records, of customer information stored on a hacker's server.

"The people who have those records can sell them" to others who want to send spam e-mails, Martin said in an interview. "They will just change the name of the banks and the job offer, but the underlying technique will be the same."

© 2007 The Washington Post Company