1. Spearphishing through LinkedIn Jobs
This scam is currently being reported in regard to a System Administrator job posting on LinkedIn. It’s worth sharing and being aware of, however, because the approach could be broadened and used for any type of job posting on LinkedIn.
This is how it works: a job is posted on LinkedIn. People who engage with the listing are responded to and sent a Word document as part of the application process. The sender claims the Word file is protected under GDPR and that macros need to be enabled to open and use it.
If those macros are enabled, a series of malicious actions occurs, including downloading system-specific malware payloads. Credential harvesting, deletion of security log entries, and lateral movement (how cyber criminals try to move deeper within your network) are all part of the attack.
So how can you avoid falling for this?
- Always be suspicious of someone requesting or demanding that macros be enabled. Macros are a series of operations, like a program, that can run on your computer from within a file like Word or Excel. They can be useful and harmless, but they can also hide malicious activities. If you did not build them yourself, or you do not know and trust the person sending you a file with macros in it, do not enable them.
- Go ahead and be skeptical. If you are applying for a job that was posted on LinkedIn, why would you also have to fill out and return a Word document? Does the company not have a website form or other means of accepting applications? You can provide a lot of personal information when applying for a job, so if the process seems strange, call and ask first.
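The advice above is to treat any request to enable macros as a red flag. A practical first screen, before a file is ever opened, is to check whether the document even contains a VBA project. The script below is an added example written for this page, not code from the original article or from any vendor named in it: it inspects modern Office Open XML files (.docx/.docm, .xlsx/.xlsm, .pptm), which are zip containers, for the vbaProject.bin entry that carries macro code, and separately flags the older binary OLE2 formats (.doc/.xls), which need different tooling. The sample documents it builds in memory are constructed for the demonstration and are not real attachments.

```python
import io
import zipfile

# Zip entries whose presence means the Office Open XML document carries
# a VBA project (macro code). One entry per Office application.
MACRO_MARKERS = ("word/vbaProject.bin", "xl/vbaProject.bin", "ppt/vbaProject.bin")

# Signature of the legacy OLE2 compound file format (.doc, .xls, .ppt).
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"


def office_file_has_macros(data: bytes) -> bool:
    """Return True if an Office Open XML container includes a VBA project.

    Raises ValueError for anything that is not a zip container, so a caller
    never mistakes an unreadable file for a clean one.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
    except zipfile.BadZipFile:
        raise ValueError("not an Office Open XML (zip) container")
    return any(marker in names for marker in MACRO_MARKERS)


def inspect_attachment(data: bytes) -> str:
    """Classify an attachment as 'macro', 'clean' or 'legacy-binary'.

    'legacy-binary' means the old OLE2 format: macros may be present, but this
    zip-based check cannot see them, so the file still needs a dedicated tool.
    """
    if data[:8] == OLE2_MAGIC:
        return "legacy-binary"
    return "macro" if office_file_has_macros(data) else "clean"


def make_sample_docx(with_macros: bool) -> bytes:
    """Build a minimal constructed Word container in memory (sample data only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macros:
            # Placeholder bytes standing in for a compiled VBA project.
            zf.writestr("word/vbaProject.bin", b"\x00constructed placeholder\x00")
    return buf.getvalue()


if __name__ == "__main__":
    for label, sample in (("plain", make_sample_docx(False)),
                          ("macro-enabled", make_sample_docx(True)),
                          ("legacy .doc", OLE2_MAGIC + b"\x00" * 24)):
        print(f"{label}: {inspect_attachment(sample)}")
```

The check only answers "is there macro code in this file?"; it says nothing about what the code does. In the scenario described above that is already enough: a job application form that turns out to carry a VBA project is reason to stop and verify with the company by another channel.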
2. Job Dismissal Scam
In another employment-related scam, Kaspersky, a global cybersecurity company, reports this Q2 trend.
An email appearing to come from HR tells the victim that the company has been forced to discharge him or her due to the pandemic-induced recession. The email comes with an attached form to request applicable severance pay. Fortunately, the firing isn’t real. But unfortunately, the attachment contains malware.
Stay safe with these tips:
- Double- and triple-check any emails claiming to be from Human Resources. Make sure the email address is exactly correct, down to every character of the domain. Consider whether this is the kind of message that would normally arrive by email at all.
- Even when an email appears to be internal, stop yourself before opening attachments. Pick up the phone and check with your HR Department before clicking any links or opening any files.
- It’s easy to get swept up in the emotions of finding out you’ve been fired. That’s what cyber criminals bank on: emotions clouding your ability to think. So train yourself to pause before taking any action on any email. That simple habit could save you a lot of grief.
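"Make sure the email address is perfectly correct" is easier said than done when the sender has registered a look-alike domain. The script below is an added example for this page, not code from the original article or from Kaspersky: it parses the From and Reply-To headers of a message, compares the sender domain with the organisation's real domain (the value `example.com` is an assumed placeholder), and flags domains that only differ by commonly confused characters (such as "rn" for "m", or "1" for "l") or by a couple of edits. It also reports a Reply-To address that points somewhere other than the apparent sender, a common trait of mail that wants the "severance form" sent back to the attacker. The sample messages are constructed for the demonstration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: the organisation's genuine mail domain (placeholder value).
TRUSTED_DOMAIN = "example.com"

# Character pairs commonly swapped to make one domain look like another.
# Multi-character entries are listed first so they are collapsed before
# single characters are normalised.
CONFUSABLES = {"rn": "m", "vv": "w", "0": "o", "1": "l"}


def normalize(domain: str) -> str:
    """Lower-case a domain and collapse confusable character sequences."""
    d = domain.lower()
    for lookalike, real in CONFUSABLES.items():
        d = d.replace(lookalike, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(raw_message: str) -> dict:
    """Return a verdict on the From domain plus a Reply-To mismatch flag."""
    msg = message_from_string(raw_message)
    display_name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

    if domain == TRUSTED_DOMAIN:
        verdict = "internal"
    elif (normalize(domain) == normalize(TRUSTED_DOMAIN)
          or TRUSTED_DOMAIN in domain          # e.g. example.com.forms-host.net
          or edit_distance(domain, TRUSTED_DOMAIN) <= 2):
        verdict = "lookalike"
    else:
        verdict = "external"

    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    return {
        "display_name": display_name,
        "address": addr,
        "verdict": verdict,
        "reply_to_mismatch": bool(reply_to) and reply_to != addr.lower(),
    }


# Constructed sample messages (not real mail).
SAMPLE_INTERNAL = (
    "From: HR Department <hr@example.com>\n"
    "Subject: Benefits enrolment reminder\n\n"
    "Please review the attached summary.\n"
)
SAMPLE_LOOKALIKE = (
    "From: HR Department <hr@exarnple.com>\n"
    "Reply-To: severance-claims@forms-host.example.net\n"
    "Subject: Notice of termination\n\n"
    "Complete the attached form to claim severance pay.\n"
)

if __name__ == "__main__":
    for sample in (SAMPLE_INTERNAL, SAMPLE_LOOKALIKE):
        print(check_sender(sample))
```

A display name of "HR Department" tells you nothing; only the address after the name and, when present, the Reply-To header show where a reply would actually go. The distance threshold of two edits is a deliberate trade-off: it catches single-character swaps without flagging every unrelated short domain, and any "lookalike" verdict is a reason to pick up the phone rather than open the attachment.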
3. Vaccine Phishing
As we’ve seen time and time again, global issues attract cyber criminal scams. This pandemic alone has seen phishing emails about maps, statistics, tracking reports, funding resources, and employment angles. Now, the messages are shifting to vaccines.
Check Point, a leading provider of cyber security solutions to governments and corporate enterprises globally, reports “a doubling in the number of vaccine-related new coronavirus domains between June and July. In fact, 1 out of every 25 malicious coronavirus-related websites’ landing pages is vaccine related.”
The emails being reported can come through with a malicious attachment, prompting you to download the latest list of approved vaccines, or with a link that redirects you to a spoofed medical site where you would enter your personal details in order to get the promised information.
In either case, the goal is to steal your credentials.
So what can you do?
- Remain suspicious of unsolicited messages related to global events like the pandemic. If you receive ‘groundbreaking’ or ‘unreleased’ information about a vaccine, look carefully at the sender. If it is someone you know, is it normal that they would send you a message like this? If it is someone you don’t know, treat it with skepticism. If you get it at work, report it to your IT team.
- Curiosity, like fear, is a tool scammers use to get you to take action. If you train yourself to always stop for a moment before doing anything with an email, you will be far less likely to fall prey to it.