It hasn’t been a very good year for Monster.com. Last summer, the job search giant was implicated in a stock options back-dating scandal, resulting in the resignation of a number of officers, including two successive CEO’s.
When the company reported that second-quarter profits in 2007 were down 28 percent, it announced that Monster would eliminate 800 jobs. Maybe one of those jobs was CFO — Chris Powers resigned on Friday.
Last week Computerworld reported that some 46,000 people had sensitive personal data stolen by a Trojan accessed via ads on job search sites, including Monster.com.
Then as if to demonstrate that things could always be worse, another Trojan managed to infiltrate Monster.com servers and transfer 1.6 million user records to a remote server. Although the data itself is not sensitive enough to result in identity theft, it has apparently been used to construct a more convincing phishing attack, by including personal information from the site. The message lures recipients into downloading the ransomware Gpcoder.e. This little gem encrypts files on the user’s computer until they pay to have them unencrypted.
Monster.com’s Security Center warns about the fraudulent email, but it does not mention that the data used to make this look truly authentic comes from Monster’s own servers.
As always, beware of clicking links within email messages. If you really need to click through, view the source of the message and inspect the domain name of the link itself first. Better yet, type the known, good URL yourself into your browser’s address field. A little inconvenience now could save you a huge inconvenience later.