Email scam uses fraudulent “resume” to deliver malware attack

Posted by Akankasha Dewan on 16 March 2020 15:05:39 AEDT

MailGuard has identified and successfully blocked an email scam containing a malware-ridden attachment. The email was sent supposedly from a job applicant seeking employment.

Titled “Attached Resume”, the emails use different display names. For example, in the screenshot below, it appears to have been sent by a “Julieann Greenhoward”. The sending addresses used in all the emails are also varied, but all end with the domain "".

The plain-text email begins with “Hey]” and claims that the sender has seen “ýour website earlier today” and is “interested in applying for employment”. It directs recipients to view an “attached CV”. A .XLS file is attached with the email titled “Resume”.

Here is a screenshot of the email:


Unsuspecting recipients who open the attachment will initiate the download of a malware designed to infect systems.

MailGuard urges all users to be wary of this email scam and to delete it without opening any attachments.

Resume-based scams such as this one typically prove successful by preying on victims in the HR industry that are likely to skim emails and quickly click attachments, and companies that have recently posted to job boards and are expecting a flood of applicants. This scam, for example, claims to have viewed the recipient’s website in a bid to trick the user.

HR is such a lucrative target for hackers because of the value of the information it holds (the personal data that can be exploited) and the ease of entry (the chance that HR employees will open unsolicited emails).

Despite these techniques to fool users, eagle-eyed recipients will spot red flags that point to its illegitimacy. These include several grammatical errors in the body of the email, including the fact that the recipient isn’t addressed directly and in an informal manner that isn’t generally expected in job applications from a genuine job-seeker.

Please share this alert with your social media network to help us make more people aware of the threat.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

One email is all that it takes

All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network.

Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates



Topics: email scams fraud fastbreak

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all