The Register is reporting on a blog entry at Symantec about a host they found logging into using stolen recruiter credentials. The application then dumps presonal data such as name, surname, email address, home address, phone numbers to a report server controlled by the attackers.

I saw new spam today that is asking you to log into a recruiting database. I deleted them before investigating further. Perhaps they are realted?

Comments are closed.