Check Point warns of resume-themed malware threat

Security firm claims resume-themed campaigns have doubled in the US in the past two months

Check Point Software has warned that hackers are using fraudulent resume documents to spread Zloader malware.

Resume-themed campaigns in the last two months have doubled in the US, according to Check Point, with one in 450 malicious files being a resume-related scam.

Check Point has observed threat actors using infected resume documents to spread Zloader malware. Malicious .xls files with subjects such as “applying for a job” or “regarding job” were sent to unsuspecting users. 

Victims were then asked to enable content when opening the infected files. In doing so, a malicious macro began running in the background to download the final payload onto a user’s device. Once a user’s device was successfully infected, threat actors could use the malware to carry out financial transactions on the device.

The software company also discovered a campaign using medical leave forms that delivered the Icedid malware, another banking trojan designed to steal a user’s financial data. The emails were sent from different sender domains such as “medical-center.space” and used subjects citing the Family and Medical Leave Act (FMLA) to lure victims into opening malicious email attachments using file names like “COVID -19 FLMA CENTER.doc.”

A similar FMLA-themed campaign delivered banking trojan Trickbot. In this particular cyberattack, emails being sent from domains such as “covid-agency.space” sought to trick unsuspecting users into opening malicious email attachments.

To prevent themselves from falling victim to these resume and FMLA-themed attacks, Check Point Software reminds users to be aware of lookalike domains and unfamiliar email senders. Check Point Software also cautions users against opening file attachments from unknown senders, especially if the attachments prompt users to do something they wouldn’t.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Dark web ads offering access to corporate networks increase sevenfold
hacking

Dark web ads offering access to corporate networks increase sevenfold

28 Jul 2021
Number of hacking tools increasing as cyber criminals become more organized
hacking

Number of hacking tools increasing as cyber criminals become more organized

28 Jul 2021
Criminals target Discord to spread malware
live chat

Criminals target Discord to spread malware

26 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021