An investigation has uncovered hackers using bots to send malware-ridden CVs to potential employers.
The CVs are difficult to identify as being a security risk, by both the recipient of the email and traditional antivirus software.
Targeted employers will receive an email from a potential job applicant, with the attached CV as a .doc file.
The attachment will deliver Quasar RAT malware to the employer, and ‘uses several counter-detection measures‘.
In the phishing attempt, recipients are asked to enter a password to open the resume. The password acts as a way to deter traditional security software.
The Millgate Security Team suggest that, in order to mitigate the risk of falling for the attempt, you should be particularly careful with any password protected documents. Consider asking applicants for unprotected versions of any documents.
Keeping your employees security-savvy can drastically reduce your business’ chance of successful phishing attacks.
If you’re unsure on how successful your business’ security strategy is, you can talk to a member of our security team on 0114 242 7310, or fill out our form here.
It can be all too easy to overlook a crucial element of your cyber security strategy, so we’ve compiled this handy checklist to ensure you haven’t missed anything.
Understand the benefits that home working can provide for your business
Discover a new generation of IT infrastructure
that manages itself.