Be careful if a job offer on LinkedIn seems too good, it could be phishing
The economic crisis caused by the coronavirus has different consequences, such as fake job offers with malware.
When it comes to capturing victims, the update cheats and hooks used by cybercriminals. With the arrival of the Income Statement, false emails are received posing as the Tax Agency, and this type of strategy can also be seen on LinkedIn with the desperate job search that exists.
In Gizmodo they have echoed campaigns they are carrying out groups posting fake job offers to send LinkedIn messages containing malicious ZIP files. From the looks of it, they are very effective at hijacking computers.
The objective is reaching out to skilled workers who are looking for jobs similar to those they already had. Sometimes offers identical to their latest works are published so that they can click on them and start the process to get their computers.
The Trojan used is named “more-eggs” and is classified as very destructive and dangerous to be accompanied by ransomware and malware especially focused on stealing banking data.
According to a specialist from the eSentire company consulted on Gizmodo, “It is a perfect time to take advantage of job seekers who are desperate to find a job. Therefore, a custom job lure is even more attractive during these tough times”. He also warned of how especially effective this strategy is through LinkedIn.
The recommendations are the usual ones for all types of threats of this class: verify who sends the information and do not open documents without being completely sure that they are reliable. It is not usual for a job offer to send attachments, so it is better to always be alert and nothing happens to delay a few minutes to analyze the situation. It may be too late to regret it later.