Expert Comments

Expert Reaction On Malware Campaign Hides In Resumes And Medical Leave Forms

Expert(s): Security Experts
Expert(s): Security Experts

Criminals are using resumes to hide malicious payloads in a business climate that has seen hundreds of thousands of individuals searching for jobs. According to new research, the fake CVs disguise banking trojans and data stealers in macros within Microsoft Excel files. Researchers at Check Point Software say that a new campaign of Zloader malware has been part of an overall doubling of resume-based subterfuge in the last two months. A similar campaign involving the TrickBot loader hides within an attachment labelled as a family leave request within the parameters of the Family and Medical Leave Act.

Experts Comments

June 08, 2020
Chris Hauk
Consumer Privacy Champion
Pixel Privacy
Malware campaigns like this one are a constant reminder about the need to keep operating systems, software, and antivirus and anti-malware applications updated on a regular basis. It also points out the need for increased employee education about how to safely use email and how to avoid clicking links or opening attachments from unknown sources.
June 08, 2020
Paul Bischoff
Privacy Advocate
Comparitech
Macro attacks in Microsoft Office documents have been used by hackers for many years to distribute malware. More recent versions of Microsoft Office projects open documents with macros disabled and prompt users to turn them on. I suspect many recipients of these documents agree to allow macros without fully realising what macros are or what danger they present. If you don't need macros, don't turn them on. You can disable macros entirely by going to File > Options > Trust Center > Trust Center.....Read More
Macro attacks in Microsoft Office documents have been used by hackers for many years to distribute malware. More recent versions of Microsoft Office projects open documents with macros disabled and prompt users to turn them on. I suspect many recipients of these documents agree to allow macros without fully realising what macros are or what danger they present. If you don't need macros, don't turn them on. You can disable macros entirely by going to File > Options > Trust Center > Trust Center Settings > Macro Settings > Disable All Macros Without Notification. This will prevent the recipient from accidentally allowing macros to run. Ideally, employers shouldn't open attachments or click on links in any unsolicited email, but when accepting resumes, that's not always a possibility. With that in mind, businesses might want to isolate the device used to receive resumes from the rest of the office network, use strong antivirus and spam filters, implement DMARC, and disable macros.  Read Less
June 08, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
We're seeing criminals use more and more clever techniques to deliver malicious payloads through a variety of phishing attacks leveraging the COVID-19 pandemic. Using resumes or official requests for leave are particularly devious as HR receives many attachments on a daily basis. Security awareness and training can be extremely helpful in assisting staff in identifying where an attachment may be suspicious. Furthermore, technical controls should be put in place, such as isolating those email.....Read More
We're seeing criminals use more and more clever techniques to deliver malicious payloads through a variety of phishing attacks leveraging the COVID-19 pandemic. Using resumes or official requests for leave are particularly devious as HR receives many attachments on a daily basis. Security awareness and training can be extremely helpful in assisting staff in identifying where an attachment may be suspicious. Furthermore, technical controls should be put in place, such as isolating those email boxes which receive external resumes from sensitive HR systems so that if an attachment is opened, it doesn't impact the whole organisation.  Read Less
June 08, 2020
Jamie Akhtar
CEO and Co-founder
CyberSmart
These kinds of scams are getting increasingly sophisticated in the ways that they masquerade as legitimate sources. Cybercrime is often opportunistic. We've seen criminals taking advantage of all kinds of changes in online behaviour since the start of COVID-19. While anti-phishing software can help stop many of them, others will always get through. The greatest defence when it comes to phishing threats is educating yourself and your employees on how to spot the signs of an attack. People should .....Read More
These kinds of scams are getting increasingly sophisticated in the ways that they masquerade as legitimate sources. Cybercrime is often opportunistic. We've seen criminals taking advantage of all kinds of changes in online behaviour since the start of COVID-19. While anti-phishing software can help stop many of them, others will always get through. The greatest defence when it comes to phishing threats is educating yourself and your employees on how to spot the signs of an attack. People should be on the lookout for spelling and grammatical errors, overpromising and eager messaging, pop-ups and urgent deadlines or calls to action. They should also look carefully at who the email is from. Phishing attempts often use the name of someone they know (a colleague or friend, for example) but with the wrong domain address. One of the aspects of phishing that makes it so tricky to defend against is that attackers are constantly adapting the tactics they are using to lure people in. Taking time to educate yourself and others on a regular basis on current phishing threats, is an important part of avoiding these attacks.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Report Says Russian Hackers Haven’t Eased Spying Efforts, Expert Weighs...

BitMart Attack – Combatting Cyber Criminals’ Crypto Appetite

Expert Comments: Spar Stores Hit By Major Cyberattack

Expert Comment: Ceeloader Malware

Planned Parenthood LA breached, Experts Weigh In

Data Security Comment: Colorado Energy Company Loses 25 Years Of...

Colorado Energy Company DMEA Loses 25 Years Of Data After...

Governemnt Data Breach Of New Years Honours Recipients

New Malvertising Campaign Spreads Backdoors, Malicious Chrome Extensions

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts