Job Applicant or Malware in Disguise?
I don’t know about you, but I miss the good old days…back when an HR Recruiter’s biggest IT concern was making sure a new hire signed and abided by the Acceptable Use Policy! With so much cybercrime happening elsewhere, it was only a matter of time before the work of HR Professionals became a target. Last month Check Point Software Technologies shared its discovery of a ransomware campaign designed to separate HR professionals from their cash!
Before we continue, let’s go over the basics. Malware is generally defined as a software program that is intended to damage or disable a computer or system. Ransomware, a type of malware, is designed to block access to a system until a sum of money is paid. That’s right… it can hold your files hostage!
Check Point reports that the ransomware attack usually begins with a brief email from someone posing as a job applicant. The email contains two attachments. The first is a PDF containing a cover letter, which has no malicious content and is designed to “lull the victim into a false sense of security.” The second is an Excel file with malicious content that, when opened, asks the victim to enable content which allows macros to run.
When the unsuspecting recruiter clicks “enable content,” the code inside the macro executes and begins “the process of encrypting the files, denying the victim access to his or her files.” After all files are encrypted the victim gets a ransom note before the computer reboots and starts encrypting the hard disk.
In the end, the victim will be unable to access any files unless a ransom of approximately $1,000 is paid to an untraceable online account.
The research done by Check Point so far has all been overseas, but that doesn’t mean this isn’t on its way.
The old adage “an ounce of prevention is worth of pound of cure” certainly applies here. While we can’t offer any fool proof remedies, here are a few basics that will help:
- Make sure your computer security/anti-virus/anti-malware software is up to date.
- Don’t open anything suspicious from unknown senders.
- Don’t enable macros on MS Office documents.
- Consider uploading attachments from unknown sources to a cloud-based server instead of opening them directly from your computer.
- Revisit your backup process to ensure files are backed up frequently.