MailGuard have identified and successfully blocked an email scam outbreak containing malware appearing to be from a genuine job applicant seeking employment.
These scams typically prove successful by preying on victims in the HR industry that are likely to skim emails and quickly click attachments, and companies that have recently posted to job boards and are expecting a flood of applicants.
Here is a screenshot of the type of email to watch out for:
In this example, the email originates from a sender named, ‘Christy Rauscher’ and features a seemingly trustworthy email subject. Considering the subject of the email eludes to the body containing an attachment, the .doc attachment doesn’t appear suspicious to the untrained eye.
The sender reinforces that the recipient will find exactly what they’re looking for in a future employee by downloading the attached resume.
The .doc itself is actually a .docm that has been renamed to bypass content scanners. The attachment includes a malicious Word macro that attempts to download Trojan malware from a remote location.
The result of executing this type of malware can cripple a corporate network, leaving it vulnerable to financial, reputational and technological damage allowing criminals access to your network
Warning signs to help identify this email as a scam:
As a precaution, we urge you not to click links within emails that:
There are many key identifiers for an email recipient to check when assessing if an email is a fraudulent one. To find out more, take a look at our warning guide, Don’t Click That! Your Guide To Cyber-attacks And Tips For Being Cyber Safe Within Your Business.
At the time MailGuard discovered this new variant, 80% of common AV vendors were not detecting the malicious exploit within this file.
Uneducated users relying on traditional antivirus vendors that aren’t detecting this exploit are subsequently exposed to infiltration if they download the attached file.
Educating staff and employing cloud-based email filtering and web filtering, complimented by multilayered defences including desktop antivirus, anti-malware and anti-spyware will go a long way to mitigating the risk from a wide range of email and web borne malware attacks.
Keep up to date with email scams affecting your business by subscribing to MailGuard’s weekly update.