
Monthly Archives: January 2009

Here’s a warning to Monster.com and USAJobs.gov users. According to notices published on both web sites (Monster.com notice; USAJobs.gov notice), databases were accessed and some information was "taken". This includes user IDs, the passwords for those IDs, email addresses, names, phone numbers and some other data. The notices specifically state that resumes were not accessed, and that no personal financial information or Social Security numbers were taken.

Both sites will most likely require users to change their passwords. I recommend being proactive and changing yours as soon as possible. Also change the password on any other account associated with the email address you used for the Monster sites, especially if that account uses the same password.

This event heightens the need for different passwords for different accounts. I know, I know . . . it’s too hard to remember all those passwords, much less match the right password to the right account. Here’s a tip if you are having trouble: use phrases. For a site like Monster, you could use "1nAnjp$09", built from "I need a new job pretty soon, 09" (09 for 2009). That’s a good mix of upper/lower case letters, numbers, and special symbols. Of course, you have to work within the password requirements of the website or software.
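As an added example (not from the original post), here is the phrase-to-password rule above written out as a small Python script: one character per word, with three substitutions (I becomes 1, a becomes A, soon becomes $) chosen only so that the script reproduces the post's own sample, followed by a year suffix, and a check of the result against a typical site policy of minimum length and number of character classes. The substitution table and the policy thresholds are assumptions for the example, not anything the post specifies.

```python
import string

# Word-level substitutions. These are an assumption for the example: they are
# the minimum needed to reproduce the post's sample, "I need a new job pretty
# soon" + "09" -> "1nAnjp$09". Any other word contributes its first letter.
SUBSTITUTIONS = {"i": "1", "a": "A", "soon": "$"}


def mnemonic_password(phrase, suffix=""):
    """Build a password from a memorable phrase: one character per word,
    then an optional suffix such as a two-digit year."""
    chars = []
    for word in phrase.split():
        key = word.strip(string.punctuation).lower()
        if not key:
            continue
        chars.append(SUBSTITUTIONS.get(key, key[0]))
    return "".join(chars) + suffix


def check_policy(password, min_length=8, required_classes=3):
    """Check a candidate against an assumed site policy: a minimum length and
    a minimum number of character classes (upper, lower, digit, symbol).
    Returns (ok, classes_present)."""
    classes = {
        "upper": any(c in string.ascii_uppercase for c in password),
        "lower": any(c in string.ascii_lowercase for c in password),
        "digit": any(c in string.digits for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    ok = len(password) >= min_length and sum(classes.values()) >= required_classes
    return ok, classes


if __name__ == "__main__":
    pw = mnemonic_password("I need a new job pretty soon", suffix="09")
    ok, classes = check_policy(pw)
    print(pw, "meets policy" if ok else "fails policy", classes)
```

The derivation is deterministic, so anyone who learns the phrase and the substitution rules gets the password; treat the phrase itself as the secret, and use a different phrase for each site rather than varying only the suffix.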

Another thing to keep an eye out for is phishing email. Stolen or harvested email addresses are sure to become targets for bogus messages. As a reminder, it is not good practice to respond to a request to click on a link in an email, especially when there’s a question of account security. Instead, use the shortcut you most likely already saved on your desktop or in your browser favorites to get to the sites. These emails are sure to be very convincing.
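The advice above is to use your own bookmark rather than follow a link. As an added example that is not part of the original post, the following Python script shows why: it pulls every link out of an HTML email body and flags those whose host is not one of the expected domains, points at a raw IP address, or whose visible text names a different domain than the href actually goes to. The email body is constructed for the example, the hostnames in it are reserved documentation values, and the list of expected domains is an assumption the caller supplies.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: an HTML phishing email of the kind the post warns about.
# 198.51.100.7 and the .example name are reserved documentation values.
SAMPLE_EMAIL = """
<p>Dear Monster user,</p>
<p>Your account may have been compromised. Please
<a href="http://monster.com.account-verify.example/login">click here</a>
or visit <a href="http://198.51.100.7/monster/">http://www.monster.com/security</a>
to confirm your password.</p>
<p>Help is at <a href="https://help.monster.com/">help.monster.com</a>.</p>
"""

# Assumption: the sites you actually hold accounts on.
EXPECTED_DOMAINS = {"monster.com", "usajobs.gov"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Last two labels of a hostname. An approximation that is fine for
    .com/.gov; a public-suffix list is needed for names like co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def suspicious_links(html_body, expected_domains):
    """Return [(href, [reasons])] for links a user should not follow."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        reasons = []
        if re.fullmatch(r"\d{1,3}(?:\.\d{1,3}){3}", host):
            reasons.append("link points at a raw IP address: " + host)
        elif registrable_domain(host) not in expected_domains:
            reasons.append("host %s is outside the expected domains" % (host or "<none>"))
        # Visible text that looks like a hostname must agree with the real target.
        named = re.search(r"([\w-]+(?:\.[\w-]+)+)", text.lower())
        if named and registrable_domain(named.group(1)) != registrable_domain(host):
            reasons.append("text names %s but the link goes to %s"
                           % (named.group(1), host or "<none>"))
        if reasons:
            findings.append((href, reasons))
    return findings


if __name__ == "__main__":
    for href, reasons in suspicious_links(SAMPLE_EMAIL, EXPECTED_DOMAINS):
        print(href)
        for reason in reasons:
            print("   -", reason)
```

The second link in the sample is the convincing case: the text a mail client shows reads http://www.monster.com/security while the href goes to a bare IP address. The first link uses the lookalike trick of putting the real name at the front of a host under someone else's domain; a check on the last two labels of the host catches it.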

Last week, I mentioned that, like most current and publicized events, the inauguration next week would draw spam, phishing, and malware attacks. It is a prime target considering the public interest in the event. Regardless of your political leanings, a headline like "Barack Obama has refused to be a president" is sure to spark some curiosity. According to a Trend Micro blog post, that is exactly what is going on. The links on the fake news sites lead to executables that are worms.


You can read the whole article here: http://blog.trendmicro.com/fake-obama-news-sites-abound/


An earlier article on the Trend Micro blog describes possible Obama inauguration scams. At the bottom of that article, there are links to stories about specific scams that have been reported.

With the Presidential Inauguration coming up, it is important to be vigilant when handling email or browsing Internet web sites.

As is the case for most current events, spammers and virus writers will certainly take the opportunity to “dress up” electronic attacks tailored to next week’s events. Such emails will carry attachments, links or promises of videos. Avoid them and simply delete the email.

The same caution is urged when browsing the Internet. An increase in infected sites and pop-up attacks is expected as well.

http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118

BlackBerry Enterprise Server administrators have cause for concern. There is a vulnerability in the way the server-side attachment processing (the BlackBerry Attachment Service) handles PDFs. Two specific vulnerabilities are mentioned in the security advisory linked above (KB17118). This advisory is in addition to one released this past summer (KB15766) for a similar issue.

This vulnerability allows remote code execution if a specially crafted PDF is delivered to a user and opened from the handheld. The code runs on the server hosting the attachment service rather than on the device itself, which is arguably worse, since that server sits inside the enterprise network. Considering the state of spam and viruses, delivery of such a document is not far-fetched. Apply the update described in the advisory; until it is applied, its interim workaround of disabling PDF attachment processing on the server limits exposure.

US-CERT released an advisory here:
http://www.uscert.gov/current/index.html#blackberry_security_advisories.

A Trend Micro blog entry describes various bogus social and professional networking profiles being used to spread malware. This is a proven social engineering attack that is sure to infect unsuspecting, click-happy users. In the case of LinkedIn, the profiles impersonate highly popular celebrities like Beyoncé, Salma Hayek, Kate Hudson, and now Jessica Alba. The payload is delivered through links that claim to lead to explicit content of the celebrity in question. The profiles are being created using pre-registered accounts on other social networking sites. A ZDNet notice suggested Googling for some of the various sites. I did, and found this site still active, despite the mention that LinkedIn was killing such profiles.

Earlier, Trend Micro reported on attacks on Facebook and Twitter users that involved bogus profiles. Perhaps they are related.

We are seeing more and more attacks involving these kinds of sites.