Traditionally as the unemployment rate rises, more people consider launching a business or working from home. Scam artists often target people wanting the flexibility of a home based enterprise with fraudulent offers. But a warning is going out about a new online scam targeting the unemployed.
CareerBuilder.com, a reputable job search and employment firm, has joined the list of brands targeted by a criminal according to computer forensic experts. A crook or ring of criminals is stealing login credentials to the well-known job site by claiming to have a new Digital Certificate said to protect customers
The CareerBuilder.com malware was especially interesting, said Gary Warner, Director of Research in Computer Forensics at the University of Alabama in Birmingham. “We’ve seen a long list of banks abused by this malware promising better security with Digital Certificates, but this is the first employment company targeted for this criminal’s scam,” Warner said. “By stealing CareerBuilder credentials the criminals will be able to make more believable job offers, and will be able to know who is actively seeking a job. They already have login credentials for banking sites, but they need to recruit more ‘Money Mules,’ which is what investigators call the victims who are tricked into sending the money out of the country.
Warner’s investigations have revealed that the same criminals stealing these CareerBuilder accounts are attempting to convince desperate job seekers to work as financial assistants. In fact, these financial assistants receive a commission for receiving stolen funds into their personal bank accounts and then transferring the funds to the criminals via Western Union or Money Gram.
Warner calls that “a sign that money laundering may be part of their new job.”
Warner and his team of researchers have been tracking this malware family since May. The current campaign also links to work-at-home scams being hosted on the same IP addresses as the CareerBuilder malware.