The FBI recently issued a warning about malware included in email attachments responding to online job postings. They quote the case of a US business that lost more than $150,000 after an employee opened an attachment that had been sent in response to a job posting. Malware embedded in the attachment, a variant of the ZeuS/Zbot Trojan, then allowed the attacker to obtain the credentials of the person who was authorized to conduct online banking financial transactions within the company.
Simon Herring of Ubersecure writes:
The targets of these attacks are companies that have recently posted on job search sites. So what’s the connection? If you’ve posted a job opening, then it’s only logical that someone at the targeted business is expecting a resume or curriculum vitae (CV). They are, after all, trying to fill a vacant position. This means an email with an attached resume isn’t really “unsolicited email”, making it more likely to be opened by the recipient.
Over the past year or so, more and more attention has been placed on malware installation through social networks, shortened URLs, and other vectors. But email attachments continue to be a threat. So, it’s probably time to remind your staff that
- malware is still being passed around in email attachments;
- email scanners don’t always detect malware; and
- email attachments you might not consider to be ‘unsolicited’ might still be infected.
- E-mails Containing Malware Sent To Businesses Concerning Their Online Job Postings (FBI – Jan 19, 2011)
- Fraud Advisory for Businesses: Corporate Account Take Over (United States Secret Service, the Federal Bureau of Investigation, the Internet Crime Complaint Center (IC3) and the Financial Services Information Sharing and Analysis Center (FS-ISAC))