Monster.com Online Employer Form Phishing Scam
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
X-Account-Key: account2
X-UIDL: x
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
X-Apparently-To: x
X-YahooFilteredBulk: 77.83.252.52
X-Originating-IP: [77.83.252.52]
Authentication-Results: mta127.mail.ukl.yahoo.com from=monster.com; domainkeys=neutral (no sig)
Received: from 77.83.252.52 (HELO cpe-77-83-252-52-dsl.netone.gr) (77.83.252.52)
by mta127.mail.ukl.yahoo.com with SMTP; Sun, 06 Jul 2008 08:42:09 +0000
Received: from eleazar.nstld.com (enquire.dependablehost.com [120.4.128.230])
by imrworldwide.com with SMTP id NOM1HKDVBX
for <x>; Sun, 06 Jul 2008 01:42:05 -0800
Received: from [12.210.44.124] (HELO divergent.all.bg)
by interptr.com with SMTP id 5QWF5UPOYN
for <x>; Sun, 06 Jul 2008 07:42:05 -0200
From: "Monster Career Network" <mailsupport.id040-814190426em@monster.com>
To: x
Subject: online form released! (Sun, 06 Jul 2008 01:42:05 -0800)
Message-ID: <x@monster.com>
User-Agent: MIME-tools 5.503 (Entity 5.501)
X-Mailer: MIME-tools 5.503 (Entity 5.501)
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--OD0g72as4cz4nqz1O"
Body:
Dear Monster (Jobs & Careers) customer,
The added security measures require all Monster customers to complete Online Employer Form.
Please use the hyperlink below to access Online Employer Form:
We appreciate your business and thank you for being a valued customer.
©2008 Monster - All Rights Reserved
0x2978, 0x8697, 0x110, 0x4282, 0x91374647, 0x2 rev, 5ML2, Q8RC, 73JL, CXP. 0x6, 0x688, 0x04, 0x1, 0x74, 0x9, 0x8518, 0x4, 0x256, 0x1, 0x724 1693520828959053999 HRR: 0x7412, 0x998, 0x8, 0x65, 0x8, 0x83, 0x5, 0x88850542, 0x433 B13: 0x551, 0x395, 0x2314, 0x8, 0x47374566, 0x36122187, 0x67325930, 0x296, 0x6, 0x14798556, 0x188, 0x3913 define: 0x16124130, 0x8207, 0x0, 0x65535325, 0x59572602, 0x63735076, 0x8, 0x1250, 0x1664, 0x42324682, 0x1966, 0x62390772, 0x44325986, 0x193, 0x8 update: 0x12, 0x7, 0x1, 0x36, 0x1029, 0x2, 0x80, 0x5502, 0x23010553, 0x905, 0x324 serv: 0x38820958, 0x15720560, 0x3, 0x203, 0x93, 0x7109, 0x30, 0x4349, 0x27368706, 0x96, 0x935, 0x15, 0x16, 0x007, 0x87 I77: 0x289, 0x275, 0x9319, 0x541, 0x59929879, 0x5, 0x845, 0x2, 0x5, 0x90925063, 0x8707, 0x6, 0x44, 0x20
0x04213500, 0x879, 0x781, 0x23, 0x7400, 0x3, 0x387, 0x03059835, 0x8982, 0x48 0x6869, 0x2, 0x37, 0x8253, 0x29, 0x2, 0x3923, 0x445, 0x7, 0x36223939, 0x96, 0x950, 0x05386905, 0x2149, 0x3 0x38138756, 0x63, 0x7, 0x63349017, 0x0, 0x599, 0x07218302, 0x37 common source include type 6Z94 rev 9G18. function: 0x1890 3196841232 0x9, 0x966, 0x9, 0x39, 0x79978695, 0x7440, 0x2645, 0x5, 0x70, 0x893, 0x62, 0x40694935, 0x6497, 0x89 type X1LW WE8. 0x9, 0x20786023, 0x4968, 0x459, 0x9176, 0x75, 0x1, 0x5319, 0x93576883, 0x84, 0x486, 0x073, 0x960 0x55684481, 0x9281, 0x3303, 0x055, 0x72249422, 0x31172098, 0x1320, 0x4, 0x5142 0x4, 0x01, 0x66, 0x9, 0x77, 0x78, 0x96241891
file: 0x4, 0x24290428, 0x4021, 0x0, 0x959, 0x8, 0x8, 0x8, 0x93611454, 0x57785883, 0x63262444, 0x16, 0x09 0x03377452, 0x43, 0x986, 0x182, 0x33, 0x0 0x0984, 0x828, 0x8993 RD5E: 0x05, 0x60603850, 0x55, 0x633, 0x02269528, 0x9, 0x56 939 LU6 tmp 0U8 function update UC4 SK1N: 0x420, 0x91 0x32329619, 0x8651, 0x6, 0x318, 0x0329, 0x3, 0x35788379, 0x7, 0x5, 0x63, 0x33294154, 0x9, 0x4, 0x81 0x5832, 0x33057970, 0x23 PVWI, S2O, revision, KQE, D4L, 5D3N, LPC5, common 0x22760366, 0x12798728, 0x85679238, 0x249, 0x1, 0x4, 0x4, 0x886, 0x35, 0x594, 0x98 4512
4705516681113877250021 0x0463, 0x372, 0x23704669, 0x78589247, 0x265, 0x0459, 0x275, 0x99, 0x4921, 0x5627, 0x335, 0x276, 0x94526164 0x401, 0x7553, 0x67, 0x4, 0x2012, 0x3695, 0x70, 0x3 hex: 0x0, 0x96655880, 0x8
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Abbey National Security Software Upgrade Phishing ScamYorkshire Bank Confirm Your Online Records Phishing Scam
Barclays Bank Customer Details Confirmation Phishing Scam
INTUIT Phishing Scam - Employer contributions report
Chase Online Banking Phishing Scam - You Have New Mail
Related Malware Samples:
No related malware samples found.[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
If this e-mail really came from Monster.com it would have been addressed a specific person or organisation.
What added security measures? Monster.com will be a lot more specific than this, but that's besides the point, Monster.com will anyway never send an e-mail like this.
What does the scammer intend to do with the stolen account information? It will most probably be sold to an Advance Fee Fraud scammer who will use it in a typical Company Representative Job Offer Scam. Just imagine the extent of the damage, if the phishing scammer manages to steal the account information of a well known and respected employer.
The word "the" is obviously not in this scammer's vocabulary.
Last, but not least, the hidden hash buster text at the bottom of the e-mail is the final nail in the coffin for this phishing scammer.