Monster.com - Email Scam Informative - Yet another eMail Scam

Review by Dirtydave on 2007-03-15
For those of you who use Monster.com please be aware of this rather lame eMail scam. Body of eMail as follows, DO NOT Download from the link.

Monster.com company greets you

We are happy to inform you that we had succesfully upgraded our

site. Because of our system has great changes, you

have to install Monster.com certificated utility (click here) to be able

to use monster.com database. If you don’t setup this tool

until March, the 17st, 2007, you will not be able to use your account
You don’t have to answer this letter - it’s just a newsletter.

Thanks for cooperation.

Note the hyperlink (http://fdxvtpztklrpx.com/download.php)
Comments:6 Replies - Latest reply on 2007-03-16
Posted by S on 2007-03-15:
It is always good practice to take note of the actual link/url of the destination they are trying to get you to click. Sometimes it will appear to "look" like the proper url, but when you click on it, your browser will show a different URL, like the spammy non-sense one in the above example. Also, many email clients support the ability to "right-click" over the URL in question in the email and view the properties. This can often show the real URL/destination which in the cases of these scam emails, will almost always be different than what is displayed in the readable part of your email.
Posted by tnchuck100 on 2007-03-15:
Other things that indicate this is an overseas scam:
1. "...certificated utility..." should have been "...certified utility..."
2. March, the 17st, 2007 --- Date format is not a common one.
3. "Thanks for cooperation." --- A business would say "Thank you for your cooperation."
4. fdxvtpztklrpx.com --- you have got to be kidding!
Posted by S on 2007-03-15:
Good points tnchuck100. Grammar mistakes are usually your first indication that something is not right...
Posted by Anonymous on 2007-03-15:
A WHOIS search indicates that fdxvtpztklrpx.com doesn't even exist.
Posted by Anonymous on 2007-03-15:
The site was probably reported and shut down before they were even done delivering the emails.
Posted by Dirtydave on 2007-03-16:
Here's more info on this from SpamFighter.com

Monster.com E-mail Attempts to Install Malware

Websense Security Labs has detected e-mails that entice recipients to open a link that instructs the process of upgrading security in their systems. The e-mail perpetrating to come from Monster use HTML code in its content and claim that Monster has upgraded system so users require to download a utility to continue using Monster.

The e-mail points to a domain name that uses five IP addresses. By connecting to one of them the code runs, downloading several files and installing them on the user's computer. It also downloads and installs another file from a Denmark server. Apparently all the files aim to steal users' information.

The fake e-mail says that Monster is happy to inform users about the successful up-gradation of their site. It claims that the system has gone through several changes, therefore recipients must install monster.com certified utility (provides a link) in order to use monster.com database. The e-mail puts a dead line, as March 1, 2007 to set up the tool, otherwise the user will lose his or her account. The e-mail signs off saying it is a newsletter and requires no reply.

Lures of this kind that defraud people are based on social engineering techniques. They steal end user information, which means anyone who unwittingly downloads the code could become a victim of identity theft.

The case is another one of a job site being used as a means to play fraud.

When people post personal information on job sites they often fall in the grip of cyber criminals. Sometimes they victimize job hunters by tricking them to give up personal information in the pretext of offering a job. A well-known scam claimed to recruit people in return for wiring money to their supposed employers.

These demonstrate how a link in an unsolicited e-mail can be risky. It is worthwhile to keep computer protection up-to-date. The key security measure is to identify valid job-related e-mail and reject offers that may fraudulently solicit resume and/ or personal details. It is critical to protect resumes from people attempting to make profits from them instead of helping them find jobs.

Your Name:
(displayed with your comment)
Your E-mail:

Your Experience/Advice:
Check spelling

By clicking submit you agree that you have read and accept the Terms of Service & Privacy Policy.

Note: All comments are reviewed by a moderator before being published. Please be sure to read our guidelines before commenting.