job-scams  - job scams - Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

The context of contacting the via a credible website may be all that was needed to trick one job seeker into installing on the network of Chilean bank Redbanc.

Imagine you’re on LinkedIn and you see an ad for an open position that you’re perfect for. See anything wrong with that? Given you’re on a website that knows your job title, industry sector, location, etc. I’d say none of us would give it a second thought and assume it was legitimate.

That was exactly what hackers were hoping for when they used LinkedIn ads to target employees of Redbanc (which include as a part of their ad filtering). A Redbanc employee responded to an ad seeking a developer position. The employee was contacted and even had a call with the would-be employer via Skype.

All this social engineering was in place to lower the employee’s defenses when the actual attack occurred – the cybercriminals asked him to install a program (ApplicationPDF.exe) that would generate his online application. The program didn’t trigger any alarms on Redbanc’s antivirus (and, from the look of the article, nor the potential “applicant”).

The thinking is that hackers were attempting to gain entry to the bank’s network in an attempt to reach applications that control ATMs and debit cards.

We often see employees as the weakest link in ; as if they are simply careless. But stories like this prove that anyone can fall prey to a scam. It’s the very reason why every employee – from the lowest in the ranks to the highest – should go through Security Awareness Training to elevate their understanding of how these scams unfold (regardless of how credible they appear) and how to spot them (hint: the PDF application was the big red flag in this scam).


We recommend EVERYONE to review the 22 social engineering red flags to watch out for in any email. It might be a good idea to print out this PDF and pass it along to family, friends, and coworkers. Remember to always think before you click!
22 Social Engineering Red Flags  - file 26212286 - Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

 



Source link
Based Blockchain Network

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here