To me, posting personal details on a site like monster.com is just a bad idea; surely it's better to send of a CV (resume) in response to a specific role?
Trying to contain damage amid reports that con artists are targeting online job sites, Monster Worldwide has shut down a rogue server that was siphoning personal information from the resumes of job seekers. The disclosure came amid new details of a Trojan that's amassed personal information on hundreds of thousands of people …
Evidently you are not familiar with how these sites operate. One posts a CV/résumé which is searchable by employers, and in addition one may send information to an employer. If no "active" resume exists for you, then the system bumps you off after a short time, like a month. The scammers got an employer account on the system, and then proceeded to download every bit of info they could. Of course the contact info is a required part of the personal information posted on the site.
I never post personal details to Monster; it's way too generic of a site for me. On the other hand, at least in my geography if you want a good tech contracting job, posting your resume (CV) complete with email and phone # on Dice is the way to go. As an example, my wife did a job search 6 months ago, and found 3 positions in which she was interested. After posting her resume to Dice, she received an avalanche of calls, resulting in a dozen or so interesting positions in the first week. Your market conditions can have a serious impact on what you need to do to get good opportunities.
I do recommend getting a disposable phone # and email address first, though.
This has been going on for a while and the line between what this Trojans are doing and what some "agencies" are doing is actually quite blurred.
In the past, I have noticed a number of cases of obviously fraudulent job adverts on UK job boards as well as a number of cases where companies engaged in various fraud have gotten their hands on large portions of the database. This is besides a number of "reputable" agencies selling their applicant details to scammers and anyone willing to pay. In fact, if an agency insists on having your mobile this is the most likely reason for doing so. Add to that the fact that the majority of agencies do not give a damn about the data protection act and keep information on you forever and the picture is nearly complete. It is an industry that is in dire need of some serious legislative stick.
According to my not very scientific observations, it takes on average 24h between posting a new mobile number onto a UK job board (or some of the "reputable" agencies) and starting to receive porn spam on it. Add 24 more hours for scam calls. Same for email addresses and email spams and scams.
Over the last couple of years I had to dispose of three mobile phone numbers, nearly ten email addresses and put a VOIP PBX in the house which filters out all calls coming from "well known" caller IDs or not having caller id at all. This just about keeps the lid on the situation most of the time.
Monster should have acted immediately this became known, and quarantined all their systems. They should then have modified their login mechanisms to thwart an automated attack (type .gif image text) and required bona fide users to change their passwords.
Users with compromised logins should have been notified and required to AV scan their systems.
If somebody can get a credit card with the information in my resume, than the people giving out the credit need to fix their procedures. I'm not going to waste my time trying to keep my whole life a secret because they can't set up a better verification system...
I always send my CV by post directly to advertised vacancies in the local press. Some folk put their CV on webspace which I think is just plain stupid, as anyone can see all your personal stuff. I'm still wary of sending my CV by email or via a website (using a perl script) as security cannot be guaranteed.
I don't want to worry anyone, but this is a serious breah of security. I am only writing this to warn people about the dangers of passing on details to a 3rd party.
If you can send me any details NOT contained within the stolen information which includes birth dates, schools, residences, family names please do so . We can reset your record with Credit/Debit card details ONLY in your name. This is an urgent email please respond.
Biting the hand that feeds IT © 1998–2019