Subj : Watch out - that dream job applicant could actually just be damag To : All From : TechnologyDaily Date : Wed Dec 13 2023 11:30:06 Watch out - that dream job applicant could actually just be damaging malware Date: Wed, 13 Dec 2023 11:27:51 +0000 Description: Social engineering scams are on the rise, and this ones spreading malware through recruiting organizations. FULL STORY ====================================================================== Cybersecurity company Proofpoint has warned of an attacker employing a variety of methods to spread malware within organizations, and the latest technique is just as easy to fall for as it is to spot. The attack, attributed to a financially motivated threat actor known as TA4557, impersonates a job applicant and uses attachments like PDFs and Word documents or malicious websites to spread malware. According to Proofpoint, TA4557 has been using advanced social engineering tactics since 2018, including similar job applicant-type attacks for the last two years. Recruiters beware The latest method, which has been used since at least October 2023, begins with a benign email expressing interest in an open role. From there, the chain between the recruiter and the malicious applicant continues, whereby the applicant finally engages in the attack. A resume, supposedly hosted on the applicants personal website, is shared with the victim. The legitimate-looking website hosts a downloadable .zip file which includes a shortcut file (LNK). Ultimately, the malware exists to gain unauthorized access to a victims machine and then to drop additional payloads. In some cases, the threat actor shared details of the malicious website via email attachments, including PDF and Word documents. Of the two screenshots shared on Proofpoints blog , both use custom email domains and direct the recruiter to a website using that same domain. According to Proofpoint, theres been a recent uptick in the number of social engineering scams using benign emails. The cybersecurity firm added: Organizations that use third-party job posting websites should be aware of this actors tactics, techniques, and procedures (TTPs) and educate employees, especially those in recruiting and hiring functions, about this threat. More from TechRadar Pro Shared too much? Heres the best identity theft protection Boost your protection with the best firewalls and best endpoint protection Ransomware, AI, and social engineering all set to be 2024's biggest security threats ====================================================================== Link to news story: https://www.techradar.com/pro/watch-out-that-dream-job-applicant-could-actuall y-just-be-damaging-malware --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .