- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Wed, 14 Mar 2007 09:09:32 -0400
- To: public-wsc-wg@w3.org
- Message-ID: <OF2927F892.EC85FE4C-ON8525729E.00484074-8525729E.00484A97@LocalDomain>
Interesting example of using information on the web to target phishing.
Mez
Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
http://www.networkworld.com/news/2007/031207-phishing-careerbuilder.html?nltxsec=0312securityalert2&code=nlsecuritynewsal65799
Phishing attacks target CareerBuilder.com users
Scams use the lure of phony online resumes to execute a backdoor Trojan
By Ellen Messmer, Network World, 03/12/07
Attackers are launching targeted phishing scams from the job-related site
CareerBuilder.com, according to one network manager who says his
engineering firm recently had to combat phishing techniques that use the
lure of phony online resumes.
Marc Cote, manager of network services at a Midwest engineering firm that
he requested remain unidentified, says his firm routinely posts job
openings on CareerBuilder.com. Recently Cote has seen evidence that the
online recruitment process is being exploited for phishing attacks.
This is typically done by an attacker who sends e-mails to managers
seeking job applicants, asking them in a cover letter to visit a Web site
to view a resume provided via a link. If a manager clicks on the link, the
Web site then tries to execute a backdoor Trojan to compromise the
machine, Cote says.
The phishing e-mail, a partial sample of which Cote supplied Network World
by way of example, includes a fake name with a cover letter stating the
wish to be considered for employment and claiming the firm hasn't
responded to a fax of the resume so the applicant is posting it via a link
to a Web site.
However, it is actually a phishing site that "then tries to execute a
backdoor Trojan," to take over the victim's machine, Cote points out.
Cote says his department has been blocking these phishing Web sites
through Web filtering as they are discovered and has started raising
awareness about the potential problem among corporate managers.
So far Cote isn't aware of similar situations arising from use of other
job-related sites, such as Monster.com. He says the importance of
recruiting via online job sites means that his engineering firm is
unlikely to change the way it locates job candidates through online
processes, but that greater caution in preventing phishing attacks is
clearly in order.
All contents copyright 1995-2007 Network World, Inc.
http://www.networkworld.com
Received on Wednesday, 14 March 2007 13:09:50 UTC