Millions of people are active on LinkedIn looking for a job opportunity after the impact of Covid-19. These people are either in search of a job after they lost their job thanks to the pandemic or they’re looking to switch to a better job.
However, it is not just the job seekers and employers who’re active on the professional network, Hackers are also active on LinkedIn. These interlopers are coming up with innovative ways to lure unassuming candidates into sharing their personal details or even give unrestricted access to their computers to these crooks.
According to a report, a group of scam artists that are known as “Golden Chicken” who are backed by advanced threat groups like FIN6, Cobalt Group and Evilnum are behind this new age attack that targets job seekers on LinkedIn.
How to identify fake job offers on LinkedIn?
As per eSentire, the simplest way to identify a fake job offer is to look at the file name and file type that’s been sent across to you. A message containing a job offer in a “Zip” file format can be the first signal.
The research team then suggests looking at the file name and states that the “LinkedIn member’s job is listed as Senior Account Executive—International Freight the malicious zip file would be titled Senior Account Executive—International Freight position (note the “position” added to the end).”
Hence, the word “position” at the end is the biggest giveaway that this file could be a harmful trojan and need to be done away with.
What happens if someone opens it?
According to the Threat Response Unit of eSentire, a leading cybersecurity solutions provider, hackers are sending fake job offers in a zip format to job seekers. This compressed file contains automatically installable stealthy trojans called “more eggs” that get installed as soon as the file is unzipped, offering unrestricted access of users’ devices to the scammers.
Once these hackers get access to the device, it offers a backdoor to the scam artists to install malware of their choice including Ransomware, credential stealers, banking malware or even simply to steal user data silently.
What makes this attack lethal is the fact that this malware runs in a stealth mode and uses normal Windows processes to run hence there are chances that the anti-virus program on your computer might not even pick it.
The best way to avoid this attack is to be watchful of the files that you download on your computer. Make sure it has come from an authentic source and in case it’s a zip file, be extra cautious of the obvious hints like the name etc. In regular scenarios, you’re not going to receive a job offer for a position that you’ve never applied for.