An investigation has uncovered hackers using bots to send malware-ridden CVs to potential employers.
The CVs are difficult to identify as being a security risk, by both the recipient of the email and traditional antivirus software.
Targeted employers will receive an email from a potential job applicant, with the attached CV as a .doc file.
The attachment will deliver Quasar RAT malware to the employer, and ‘uses several counter-detection measures‘.
In the phishing attempt, recipients are asked to enter a password to open the resume. The password acts as a way to deter traditional security software.
The Millgate Security Team suggest that, in order to mitigate the risk of falling for the attempt, you should be particularly careful with any password protected documents. Consider asking applicants for unprotected versions of any documents.
Keeping your employees security-savvy can drastically reduce your business’ chance of successful phishing attacks.
If you’re unsure on how successful your business’ security strategy is, you can talk to a member of our security team on 0114 242 7310, or fill out our form here.
Join us for a high value day of inspiring talks, expert advice, and real solutions to real business problems.
60% of those small businesses will fail within their first five years.
The number of reported breaches is up 54% this year compared to the same period in 2018.