According to security company Proofpoint (via MarketWatch), the attackers are going through open positions and then attaching documents with names like “resume.doc” or “cv.doc” to applications. When a hiring manager or interviewer on the other end opens it up, the malware gets in because CareerBuilder automatically emails notifications and attachments with resumes to the job poster when someone applies.
“Rather than attempt to create a realistic lure, the attackers here have instead capitalized on the brand and service of a real site: the recipients are likely to read them and open the attachments because not only are they legitimate emails from a reputable service, but these emails are expected and even desired by the recipient,” Proofpoint researchers wrote in a blog post.
CareerBuilder is investigating the attack with the help of third-party experts and letting affect customers know, a spokeswoman told MarketWatch. She says the site “has controls in place to stop mass distribution of applications to job postings and takes a variety of preventative measures.”
Proofpoint adds that any job boards that work similarly are also susceptible to these kinds of attacks.
Foot in the door: Cybercriminals leverage job search website to sneak malware into businesses [Proofpoint]
Hackers sneak malware into job applications [MarketWatch]
by Mary Beth Quirk via Consumerist
No comments:
Post a Comment