Scammers target government job site - seasonal workers most at risk

Filed Under: Data loss, Privacy

Scammers have recently been targeting job seekers in Australia, aiming a phishing campaign at users of the Federal Government's job site, JobSearch.

The scam "reminds" you that your JobSearch account is about to expire, warning you to go online and update your account within the next two days:

Dear Australian JobSearch user,

To confirm your account please select the link provided.

[account confirmation]

Please note that you need to respond within 2 days. After this time your registration will be deleted from JobSearch and you will need to repeat the registration process.

The email even includes a disclaimer typical of public service departments worldwide. (I wish they wouldn't do that. Disclaimers of any sort serve little practical purpose other than to patronise and to annoy legitimate users, but they are still widespread in Gov 2.0 correspondence.)

Most Naked Security readers would recognise this sort of email as a scam at once, and wouldn't be conned into clicking the link - especially since it is directed at a Tokelau domain (.TK), not a .GOV.AU one.

However, JobSearch includes a wide range of job listings for transient and temporary workers, notably for those seeking fruit-picking and related work on the Harvest Trail.

Different crops are picked at different times of year, so that agritourists working their way round the country are likely to use the site regularly as they move from crop season to crop season or from region to region.

When you're on the road, relying on internet access as and when you can get it, this kind of scam may become much more believable, and the benefits of clicking "just in case" may easily seem to outweigh the risks of possibly letting opportunities slip.

Be careful out there. Don't click on "your account needs fixing" links in emails. Don't use the same password on every site. If in doubt, leave it out!

(Note: the link used in this campaign doesn't redirect to a phishing site at the moment. And if you're browsing through a Sophos Web Appliance, the site is blocked as a security risk.)

, , ,

You might like

2 Responses to Scammers target government job site - seasonal workers most at risk

  1. yicyic · 1540 days ago

    .tk - tokelau
    .tr - turkey

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog