HR Alert: Fake resumes distribute malware to companies in Latin America


ESET warns that cybercriminals are responding to job openings at Latin American companies by sending fake resumes infected with malware to attack corporate systems.

By Summa Magazine

Currently, cybercriminals are trying to infect companies in Latin America with malware by sending fake resumes that contain a remote access Trojan. ESET, a leading company in proactive threat detection, shares examples of this practice and provides recommendations to identify these scams and thus keep systems protected.

At first glance, these emails appear legitimate: the email address in both cases does not appear to be false, and the writing contains no spelling or grammar errors that could cause alarm. Even so, ESET highlights that there are always small details that make it possible to detect when an email may be distributing malicious content. “In the case of the email supposedly sent by Mariana Álvarez, it is striking that the email is not addressed to any person in particular (something that is repeated in the example of Catalina Muñoz). And, furthermore, the name is not included in the greeting. But the most striking thing, in both examples, is that the attached file is in .zip format and its weight,” comments Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory.

If the user downloads the fake resume, they will be infected with malware, giving the attacker the possibility of obtaining sensitive information linked to their email access credentials, home banking and credit cards, and of accessing confidential company information. Additionally, the attacker may be able to install unauthorized software to commit other types of crimes, such as encrypting files or blocking access to systems throughout the organization.

“To mitigate the risk of being a victim of this type of attack, it is important to systematize good practices and as an organization or company it is also relevant to take action on the matter, from the protection of the systems, as well as providing training to its collaborators to detect attempts of phishing,” adds the ESET Latin America researcher.

When you receive an email, especially if it is unexpected, there are several details and signs that can warn of a phishing attempt. Before clicking, the ESET team recommends checking two details:

· The writing and spelling in the subject and content of the message. Although, thanks to Artificial Intelligence, cyberattackers are able to write increasingly coherent and elaborate messages, it is always important to read them thoroughly and verify that there are no errors that raise suspicions.

· The file extension (.jpg, .pdf, or similar), which must, at least, match the document that the email claims to attach. As seen in the examples of this campaign, the supposed resumes are actually .zip files (compressed files).
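For teams that want to automate the second check at the mail gateway or in an HR inbox, the following is an added example (not ESET's tooling and not part of the original article) that flags resume attachments that arrive as archives or that hide ZIP content behind a document extension. The extension lists, the function names and the sample messages are assumptions constructed for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ARCHIVE_EXTS = {".zip", ".rar", ".7z", ".gz", ".iso"}   # assumed blocklist
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".odt", ".rtf", ".jpg", ".jpeg", ".png"}
ZIP_CONTAINER_EXTS = {".docx", ".odt"}   # formats that are legitimately ZIP-based
ZIP_MAGIC = b"PK\x03\x04"                # first bytes of a ZIP local file header

def triage_attachments(raw_email: bytes) -> list:
    """Return (filename, reason) pairs for attachments that fail the check."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        ext = os.path.splitext(name.lower())[1]
        data = part.get_payload(decode=True) or b""
        if ext in ARCHIVE_EXTS:
            findings.append((name, "archive sent where a document was announced"))
        elif data.startswith(ZIP_MAGIC) and ext not in ZIP_CONTAINER_EXTS:
            findings.append((name, "ZIP content behind a document extension"))
        elif ext not in DOCUMENT_EXTS:
            findings.append((name, "extension is not a document type"))
    return findings

def sample_email(filename: str, data: bytes) -> bytes:
    """Build a constructed job-application email carrying one attachment."""
    msg = EmailMessage()
    msg["From"] = "applicant@example.com"
    msg["To"] = "hr@example.com"
    msg["Subject"] = "Resume"
    msg.set_content("Hello, please find my resume attached.")
    msg.add_attachment(data, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

def sample_zip() -> bytes:
    """Constructed, harmless ZIP archive holding a single text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("cv.txt", "constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    for name, data in [("CV.zip", sample_zip()), ("CV.pdf", sample_zip()),
                       ("CV.pdf", b"%PDF-1.4 constructed sample")]:
        print(name, triage_attachments(sample_email(name, data)))
```

Flagged messages are best routed to quarantine or a sandbox for review rather than opened on an HR workstation.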

As additional protection, it is essential to have a robust and reliable security solution that can detect and defend against this and other types of malware attacks.

“Sending a resume to an organization to apply for a job is an everyday practice, but it has also become a very common tactic among cybercriminals to infect companies with malware. Becoming aware that this is currently happening and training to detect malicious emails is the first step that companies must take to be protected,” concludes Gutiérrez Amaya of ESET.

 