Check Point warns of resume-themed malware threat

Security firm claims resume-themed campaigns have doubled in the US in the past two months

Check Point Software has warned that hackers are using fraudulent resume documents to spread Zloader malware.

Resume-themed campaigns in the last two months have doubled in the US, according to Check Point, with one in 450 malicious files being a resume-related scam.

Check Point has observed threat actors using infected resume documents to spread Zloader malware. Malicious .xls files with subjects such as “applying for a job” or “regarding job” were sent to unsuspecting users. 

Victims were then asked to enable content when opening the infected files. In doing so, a malicious macro began running in the background to download the final payload onto a user’s device. Once a user’s device was successfully infected, threat actors could use the malware to carry out financial transactions on the device.

The software company also discovered a campaign using medical leave forms that delivered the Icedid malware, another banking trojan designed to steal a user’s financial data. The emails were sent from different sender domains such as “medical-center.space” and used subjects citing the Family and Medical Leave Act (FMLA) to lure victims into opening malicious email attachments using file names like “COVID -19 FLMA CENTER.doc.”

A similar FMLA-themed campaign delivered banking trojan Trickbot. In this particular cyberattack, emails being sent from domains such as “covid-agency.space” sought to trick unsuspecting users into opening malicious email attachments.

To prevent themselves from falling victim to these resume and FMLA-themed attacks, Check Point Software reminds users to be aware of lookalike domains and unfamiliar email senders. Check Point Software also cautions users against opening file attachments from unknown senders, especially if the attachments prompt users to do something they wouldn’t.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020
The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
Mobile browser flaw exposes users to spoofing attacks
Security

Mobile browser flaw exposes users to spoofing attacks

21 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020