The Government has defended the security of a jobs site plagued by fake adverts despite malware recently hitting users of the company that provides the site.
HR staff looking for job candidates via Monster Jobs’ own website recently suffered malware attacks that attempted to access their bank details by presenting them with false forms to fill in when they accessed the site.
Monster was adamant that its security was sufficient despite calls for it to implement two-factor authentication, where a user must provide two forms of identification, rather than just a password.
It also claimed the threat would not affect its other major site, Universal Jobmatch, which it provides for the government.
Analyst firm CIC disagreed and said stronger security measures such as two-factor should be implemented.
However, a Department of Work and Pensions (DWP) spokeswoman has now told CBR the government has no need for such stringent security.
She said: "We don’t ask for bank details – we have a strict thing in place where you use an ID address. In fact we have warnings on the site about not to give card details out.
"I can see the need for it on some sites but two-factor authentication is really if you are giving bank details out.
"People only have their email address [as a form of identity]. We won’t ask for personal details like post codes. As a department we have our own secure procedures."
Despite this, Jobmatch has been plagued by fake job listings, some of which result in the risk of identity fraud, according to separate investigations by Channel 4 News and Labour MP Frank Field.
The Guardian reported last month that leaked documents it saw revealed the DWP had drawn up plans to scrap Jobmatch just 18 months after its launch.
A subsequent rebuttal from the government failed to commit to Monster’s future as the site provider beyond its April 2016 deal.
