More Monster Madness

by doug on September 4, 2007

The Monster Burglary continues to impact innocent jobseekers and (non-jobseekers) everywhere.  My wife forwarded me the e-mail below.  Mind you, she has never used Monster.com.  She did, several year back, use FedJobs to see what was available in the federal public sector.  She did not know that FedJobs was affiliated (or powered) by Monster.  No one informed her of that. 

As a previous Deputy Attorney General for the State of Nevada, I am quite confident she just did not overlook such an affiliation.  The footer at the bottom of the website even states:  “This is a United States Office of Personnel Management website. USAJOBS is the Federal Government’s
official one-stop source for Federal jobs and employment information.”

Now, my wife is concerned that her information may be in the hand of an unscrupulous individual who does not have her privacy in his/her best interests. She feels violated and at risk.  I have a feeling this will be an ugly situation for Monster when it fully unwinds. 

Here is the e-mail she received over the weekend:

========================================================
USAJOBS
“Working for America”

USAJOBS is the official job site of the United States Federal
Government. It’s your one-step source for Federal jobs and employment information.
========================================================

9/1/2007

Dear USAJOBS User,

Recently, malicious software, known as Infostealer.Monstres, was used to gain unauthorized access to the Monster.com resume database to steal the contact information of job seekers.  Monster Worldwide is the technology provider for the USAJOBS website and regrettably, some
of the contact information captured came from USAJOBS job seekers.

The information captured included name, address, telephone number, and email address.  Monster Worldwide has assured the U.S. Office of Personnel Management that Social Security Numbers were NOT compromised because of IT security shields USAJOBS has in place.

Access to the data was obtained through the use of a private sector Monster customer’s computer using legitimate employer credentials. OPM is working closely with Monster to quickly protect the USAJOBS data.  Monster Worldwide already has identified and shut down a rogue server that was accessing and collecting the job seeker contact information.  Further safeguards are being put into place.

We ask you to remain alert for counterfeit “phishing” emails that may appear to come from Monster.com asking you to click on
a link. USAJOBS will NEVER request personal information via unsolicited email (i.e. not a response to an email sent by you). Monster has also assured us THEY will NEVER ask any site users to download any software, “tool” or “access agreement.”

Please also be on the alert for fraudulent email that advertises positions managing financial transactions, or cashing checks. These emails are attempting to engage job seekers in a money laundering or bad check scam.

If you receive a suspicious email regarding your USAJOBS search, email it, with the full “header” information intact, to us at: mayday@fedjobs.gov. Instructions on obtaining header information can be found at:

http://e0.monster.com/emessageRMS//……

“Phishing” and Internet fraud is an issue that, from time to time, can affect any Internet user or business.  We remain committed to
safeguarding the integrity of the information provided by job seekers. If you have any questions, please contact mayday@fedjobs.gov.

Sincerely,

Steve Connelly
Program Director, USAJOBS

{ 0 comments… add one now }

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>