Cyber criminals are targeting job seekers and employers, exploiting the current recession with phishing campaigns which intend to steal sensitive information such as login credentials and other other personal information. According to a report made by cybersecurity company Trellix, attackers pose as recruitment agencies that target job seekers, attempting to obtain their sensitive information. Moreover, attackers also pose as job seekers, intending to deceive employers through malicious attachments or URLs disguised as applicant resumes. Over 70% of these attacks are targeting the United States.
According to the report, "These emails look legitimate but are designed to steal sensitive information such as passwords or financial information. The malware can then be used to steal sensitive information or to gain unauthorized access to the job seeker's device and the information stored on it." Furthermore, the report claims that this type of attack will become even more common as cybercriminals will look to exploit the increase in job applications that employers will receive.
In order to appear legitimate, attackers are using fake or stolen documents such as Social Security numbers and driver's licenses to make the emails look legitimate and increase credibility, increasing the likelihood that the recipient falls for the hoax.
Additionally, Trellix has observed an increase in registration of typo-squatted domains for job related platforms such as Linkedin, Indeed or others. (Typo-squatting is a form of brandjacking which relies on Internet users inputting the wrong address into a web browser. Should the user accidentally enter the wrong URL, they may be redirected to an alternative website owned by a cybersquatter).
Several examples of typo-squatted domains observed are:
- indeed-id.com
- indeed-7.com
- indeed-a.com
- indedd.com
- linkhedin.com
- linkegin.com
- linkednn.com
Here are a few tips that should help you to avoid job themed phishing campaigns:
- Be careful with emails from unfamiliar sources, especially those containing links or attachments; verify the legitimacy of the sender before clicking on any links or download any attachments.
- Do not provide personal information in response to unsolicited emails.
- Use strong, unique passwords for all online accounts and enable multi factor authentication whenever possible. If your credentials ever get stolen, this will massively mitigate the potential damages you could incur.
- Use reputable job search websites and avoid clicking on links from unfamiliar sources.
- Check the spelling of the domain names before entering any sensitive information.
- Always be updated on the latest phishing and malware techniques.
Other Posts you might be interested in:
New Studies from BitDefender and Arctic Wolf show that cybergroups are employing new tactics that exploit popular social channels such as Facebook and Youtube. The exploit uses DLLs, shared code libraries used by every operating system to hide malicious code by in the form of a legitimate DLL.
Read More
A new report suggests that too many firms have IT assets that are outside the sight and control of the security team, or of the software responsible for protecting them. These assets represent an ideal ingress point for attackers as they can exploit your IT Environment without knowledge of the deed, making it a major security risk.
Read More
Explore the prevalent cybersecurity threats businesses face, including phishing attacks, ransomware, and insider threats. Discover the importance of partnering with a cybersecurity firm for tailored defense strategies, and why DeepBlue Computers is a good choice for your cybersecurity needs.
Read More