Cyber Criminals Extract Personal Details From CVs Posted Onto Job Sites
Hackers have turned the harvesting of personal information from Monster.com and other large US job sites into a profitable black market business. A Russian gang called Phreak has created an online tool that extracts personal details from CVs posted onto sites including Monster.com, AOL Jobs, Ajcjobs.com, Careerbuilder.com, Careermag.com, Computerjobs.com, Hotjobs.com, Jobcontrolcenter.com, Jobvertise.com and Militaryhire.com. As a result, the personal information (names, email addresses, home addresses and current employers) of hundreds of thousands of jobseekers has been placed at risk, according to net security firm PrevX.
Phreak has begun selling its “identity harvesting services” to fraudsters, charging $600 for data that might be applied to targeted phishing attacks, ID fraud or other nefarious purposes. Would-be clients are able to contact the gang on ICQ. For a fee the gang will filter its database for entries that refer to a particular country or particular employer.
Jacques Erasmus, director of research at PrevX, explained that he came across adverts for the tool in an underground forum. The PHP-based utility uses built-in recruiter IDs to scan job sites and return results in a handy web form, he explained. The utility is quite sophisticated and attempts to make sense of the data format found in CVs, extracting only useful information. Phreak is selling its services to people running higher-end targeted spear phishing attacks.
PrevX said the latest attack is distinct from one carried out by a Trojan horse program last year. This time around the attack affects far more sites than Monster.com alone. Also the attack involves a harvesting engine, rather than the use of malware.
Job sites might be able to guard against the latest assault on user data by limiting the number of searches and by applying CAPTCHAs to distinguish between requests from an automated program and humans.
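The two defences named above can be combined into one gate in front of the CV search endpoint. The sketch below is an added example, not code from PrevX or any job site: it counts searches per recruiter account in a sliding window, demands a CAPTCHA past a soft threshold and throttles past a hard one. The class name, thresholds and sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed thresholds for illustration; tune to real recruiter behaviour.
WINDOW_SECONDS = 3600
CAPTCHA_AFTER = 30    # searches per window before a CAPTCHA is required
BLOCK_AFTER = 100     # searches per window before the account is throttled


class SearchGate:
    """Sliding-window limit on CV searches, keyed by recruiter account ID."""

    def __init__(self, window=WINDOW_SECONDS, captcha_after=CAPTCHA_AFTER,
                 block_after=BLOCK_AFTER):
        self.window = window
        self.captcha_after = captcha_after
        self.block_after = block_after
        self._hits = defaultdict(deque)   # recruiter_id -> search timestamps

    def check(self, recruiter_id, now, captcha_solved=False):
        """Return 'allow', 'captcha' or 'block' for one search request."""
        hits = self._hits[recruiter_id]
        # Drop searches that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.block_after:
            return "block"          # hard cap: a solved CAPTCHA does not lift it
        if len(hits) >= self.captcha_after and not captcha_solved:
            return "captcha"        # search is not served or counted until solved
        hits.append(now)
        return "allow"


def replay(gate, events):
    """Run (recruiter_id, timestamp, captcha_solved) tuples; tally decisions."""
    tally = defaultdict(lambda: {"allow": 0, "captcha": 0, "block": 0})
    for recruiter_id, ts, solved in events:
        tally[recruiter_id][gate.check(recruiter_id, ts, solved)] += 1
    return {rid: dict(counts) for rid, counts in tally.items()}


# Constructed sample traffic: one recruiter searching every 10 minutes,
# one automated client issuing a search every second for 200 seconds.
SAMPLE = [("rec-human", t * 600, False) for t in range(12)] + \
         [("rec-bot", t, False) for t in range(200)]

if __name__ == "__main__":
    print(replay(SearchGate(), SAMPLE))
```

Keying the counter on the recruiter account rather than the client IP matters here, because the harvesting tool described above works through recruiter IDs and can change network address freely.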