Last Saturday, I got a snail mail from my employer telling me that my personal information had been stolen.
Yesterday, I got an email from monster.com, saying my account information had been stolen.
So, a TRIPLEPIT(is that a new word?): companies with shitty data security, asshole hackers, and mouth-breathing identity thieves. Fuck ya all.
I guarantee #2 is phishing. Which is how that stuff gets stolen for real.
I got that stupid e-mail from Monster.com. It really annoyed me because they kept saying how not to follow any links in e-mails, and to actually go to the website, and then they had links in the e-mail! How am I supposed to trust that that’s a legitimate e-mail? Ugh!
You are NOT supposed to trust that! Or any such email.
I get such emails all the time, supposedly from Banks (ones I have never had any accounts at) and supposedly from Ebay (here I’ve never been a seller), etc. I just assume any such email is a fraud.
OK, let me get one thing straight: I have never fallen for a phish. I have DEFINITELY never fallen for a phish involving Monster. Did the folks who did somehow allow access to MY info too, even though I didn’t participate? Some news stories implied that they did, but not even the snail mail I too got from Monster made it clear.
I had heard the story on the radio and read it about it online BEFORE I got the email from monster.com. (one of my coworkers got the email, too) I was reasonably certain it was legit.
I didn’t have to click on any link, though. After all, I had already been through the drill thanks to the screwup at AT&T earlier in the week. Besides, I’ve got my free year of Credit Watch Gold now, so I have nothing to worry about. :rolleyes: :dubious:
That’s good. I’m stealing that.
I got a similar warning earlier today from monster.ca. Yes, one has to be EXTREMELY careful of such e-mails, but I firmly believe it is legit.
[ul]
[li]It does not demand that you click a link or run a program to keep your account active.[/li][li]None of the links immediately get you to a “login” page or a page requesting personal information. I have my doubts that a phisher would go to the trouble of forging at least two consecutive web pages.[/li][li]If they’re phishers they have gone to a GREAT deal of trouble with the detail of their forgeries.[/li][li]They know how to spell and use proper grammar! 
[/li][/ul]
I do grant that Monster did commit a MAJOR faux pas - the introduction was “Dear Valued Monster Customer” rather than “Dear Canadjun”. Although that does ring alarm bells, I think it’s a false alarm and someone at Monster just needs another smack upside the head.
The monster one is legit. We didn’t get an email about it—we got a freaking letter in the actual mail from Monster detailing what information was stolen and how it was taken. The details in the letter match the details posted by Johnny L.A..