Cyber criminals are targeting job seekers and employers, exploiting the current recession with phishing campaigns which intend to steal sensitive information such as login credentials and other other personal information. According to a report made by cybersecurity company Trellix, attackers pose as recruitment agencies that target job seekers, attempting to obtain their sensitive information. Moreover, attackers also pose as job seekers, intending to deceive employers through malicious attachments or URLs disguised as applicant resumes. Over 70% of these attacks are targeting the United States.
According to the report, "These emails look legitimate but are designed to steal sensitive information such as passwords or financial information. The malware can then be used to steal sensitive information or to gain unauthorized access to the job seeker's device and the information stored on it." Furthermore, the report claims that this type of attack will become even more common as cybercriminals will look to exploit the increase in job applications that employers will receive.
In order to appear legitimate, attackers are using fake or stolen documents such as Social Security numbers and driver's licenses to make the emails look legitimate and increase credibility, increasing the likelihood that the recipient falls for the hoax.
Additionally, Trellix has observed an increase in registration of typo-squatted domains for job related platforms such as Linkedin, Indeed or others. (Typo-squatting is a form of brandjacking which relies on Internet users inputting the wrong address into a web browser. Should the user accidentally enter the wrong URL, they may be redirected to an alternative website owned by a cybersquatter).
Several examples of typo-squatted domains observed are:
- indeed-id.com
- indeed-7.com
- indeed-a.com
- indedd.com
- linkhedin.com
- linkegin.com
- linkednn.com
Here are a few tips that should help you to avoid job themed phishing campaigns:
- Be careful with emails from unfamiliar sources, especially those containing links or attachments; verify the legitimacy of the sender before clicking on any links or download any attachments.
- Do not provide personal information in response to unsolicited emails.
- Use strong, unique passwords for all online accounts and enable multi factor authentication whenever possible. If your credentials ever get stolen, this will massively mitigate the potential damages you could incur.
- Use reputable job search websites and avoid clicking on links from unfamiliar sources.
- Check the spelling of the domain names before entering any sensitive information.
- Always be updated on the latest phishing and malware techniques.
Other Posts you might be interested in:
Amidst the proliferation of AI tools, Google has announced new features that allow users to protect themselves from threats, identify AI-generated images and further protect sensitive data.
Read More
New Studies from BitDefender and Arctic Wolf show that cybergroups are employing new tactics that exploit popular social channels such as Facebook and Youtube. The exploit uses DLLs, shared code libraries used by every operating system to hide malicious code by in the form of a legitimate DLL.
Read More
Amidst economic uncertainties and budget constraints, SMEs struggle with complex tech stacks, compliance obligations, and a severe skills shortage, prompting the consideration of Security Operations Centers (SOCs) and Managed Service Providers (MSPs) as crucial solutions to enhance their cybersecurity defenses."
Read More