Alec Difrawi aka Alec Difrawy aka Alex Simon aka Ayman A. El-Difrawi aka Alexander Simon aka David Kartz aka Michael Chandler

On Saturday, The Washington Post ran a story I wrote on a phishing scheme that targets job seekers who have posted their resumes on popular job sites such as Monster, Career Builder and Yahoo Hot Jobs.

This particular scam came with an Onion-esque flourish. One of the supposed employers, USAVoice.org, called itself “the world’s fastest growing news organization,” and lured aspiring journalists to give up personal information during the application prospect.

The news on the Web site, as one victim realized too late, doesn’t update as often as, say CNN.com does, and consists of stories with timely headlines such as “A History of Valentines Day.”

The scam came to the attention of the D.C. area Better Business Bureau because USA Voice uses a downtown Washington address, which turns out to be little more than a mail drop. A related site, Instant Human Resources, lists an address in Rockville, also a mail drop. Together, they’ve generated more than 8,000 inquiries since June.

While these particular Web sites are pretty slick, the phishing e-mails themselves are by no means the most sophisticated ever created. That honor, if you can call it that, belongs to the stream of official looking missives from financial firms, which are still the most popular ones to spoof among cyber criminals. After all, you’re more likely to give up valuable financial info that way.

In that sense, the personal info that appears on job sites may not be as lucrative. But even a name, e-mail, address and telephone number are worth something to scammers. They can turn around and sell those or use them to perpetrate “synthetic identity theft,” where a phony identity is created using bits of real people’s information.

In this particular case, the success of the scam relied on a two-pronged strategy. Not only did they advertise on the job sites, but they also contacted people who used them.

Job seekers who posted their resumes on Monster, Career Builder and Yahoo received e-mails from either USA Voice or Instant Human Resources, telling them that based on the their resumes they qualified for a promising sounding position. Those who didn’t smell a scam right away filled out online applications, in the process disclosing personal information.

Some get as far as entering a Social Security number. Many only get to name and address before backing out. At that point, job offers don’t come pouring in, but spam does.

The job sites have gotten wise to these schemes and, for the past several years, have been posting warnings on their Web sites in an effort to educate users before it’s too late. They also pre-screen job postings and monitor them daily. But it seems inevitable that scams will get through. Privacy expert Pam Dixon looked into how long USAVoice has been online; the site is about a year old. Most phishing sites don’t stay up for a week. So this one seems to have staying power, despite having their job postings removed from Monster and Career Builder.

The job seekers I interviewed for this story who said they were scammed by USAVoice and Instant Human Resources were not naive Internet surfers by any means. One has made a living in technology. But their normal scam radar was blocked by their desire for employment, which is what makes this particular scam so effective–and so lame!

For tips on how to spot a phishing scam, check out Gina Hughes’ tips.

Dixon’s World Privacy Forum has advice just for job seekers.

washingtonpost.com’s own Brian Krebs can also keep you up to date on the latest online security issues.

By Annys Shin |  February 12, 2007; 7:00 AM ET Privacy

1. affiliateunit.com
2. allcriminaljusticecareers.com
3. angelsofcaring.com
4. apexilo.com
5. beautycareernetwork.com
6. biggerbetterleads.com
7. burningleads.com
8. canadacareersource.com
9. canditrack.net
10. canditracker.com
11. careercentrecanada.com
12. careergate.com
13. careerhvac.com
14. careerspeed.com,
15. cjrecruiter.com
16. collegeboundcanada.com
17. collegedatabase.us
18. collegedatabasecanada.com
19. collegeguidecanada.com
20. collegeoverview.com
21. collegeoverview.net
22. collegeoverviewcanada.com
23. computercareersonline.com
24. computertechcareers.com
25. courtcareers.com
26. courthousecareers.com,
27. creativedesigncareers.com
28. degreesforsoldiers.com
29. driveragents.com
30. drivercareers.com
31. driverlogix.com
32. driverology.com
33. driververification.com
34. emplogix.com
35. employerdynamics.com
36. equalcredit.org
37. getmedicaleducation.com
38. getretrained.com
39. gourmetcareers.com
40. healthcare-career-guide.com
41. healthcareerchoices.com
42. hireintelligenceonline.com
43. hiremedicalassistants.com
44. hiringmedicalassistants.com
45. hvaccareerfinder.com
46. hvacjobstoday.com
47. jobshifter.com,
48. jobsinmedicalassisting.com
49. juvenileprobationcareers.com
50. lecero.com
51. legalcareerfinder.com
52. livesaltlake.com,
53. medicalassistantresource.com
54. medicalbillingprofessional.com
55. medicalcareersdirect.com
56. medicalcareersindemand.com
57. medicalcareersonline.com
58. mycollegeoverview.com
59. myjusticecareer.com
60. nationalcareersonline.com
61. nb740.com
62. nb750.com
63. nb760.com
64. neutronmultimedia.com
65. neutronstats.com
66. nickelshare.com
67. northcareers.com
68. officesupportrecruit.com
69. pleasefixthisapple.com
70. rcmediapartners.com
71. recruiterlogix.net
72. recruitron.com
73. recrutingdynamics.com
74. regionalhealthcarerecruit.com
75. rekroot.net
76. retreev.us
77. rockyourgame.com
78. roughneckjobs.com
79. sbm200.com
80. scbcareers.com
81. skilledlaborcareers.com
82. splinterview.com
83. splitronic.com
84. statler3.com,
85. talentbase.us
86. todaysmedicalassistant.com
87. tradeskilljobs.com
88. train4hvac.com
89. truckerseek.com
90. truckerworks.com
91. truckingpays.com
92. tuffdrivers.com
93. unitedcareerservices.com
94. us-careerservices.com
95. usmedicalassistant.com
96. verifyhere.com
97. warehouserecruit.com
98. warehouserecruiter.com
99. warmheartsdirect.com
100. workforceresources.com