Some Dream-Job Postings(On Line)-Could be Malware Scams—Be aware

The software company ESET has revealed that Hackers are now attempting to trick people who are looking for employment, by giving them unbelievable job offers with benefits that are actually fake. 

Those who have experience with the operating system Linux are the initial targets, and the criminal hacker group Lazarus is working hard to additionally target people who work in the software or DeFi (Decentralized Finance) platform industries. 

We expect this threat to expand into other areas of focus. 

The hackers with Lazarus, which has previously been thought to be affiliated with the North Korean Government, are mostly using social media sites like LinkedIn to send messages with job offers to its victims. 

However, the messages are simply a ploy to get the victims to download malware.

Beware of malware hidden in fake job offers 

In the message, the hacker will say that the job seeker has been offered a wonderful position and attaches what looks like a PDF file, stating that this is the offer agreement and that the person must download it to view the details of the newly offered job opportunity. 

If the person clicks the file to download it, then a fake PDF file will appear to fool them while the malware downloads a payload in the background and infects their device. 

Threat grows wider to all computer operating systems 

Launching this malware directly at Linux means that Lazarus has officially been successful in targeting all major desktop operating systems. 

They overlapped with Operation In(ter)ception, which initially started with aerospace, military, and defense companies that used Windows-only tools. 

They then moved on to targeting Mac-OS in July and August starting last year and have now conquered the Linux operating system as well. 

ESET also claims that Lazarus also attacked the 3CX Phone System back in March 2023, which is used by more than 12 million users daily, including companies like American Express, Coca-Cola, and McDonald’s. 

With all these major companies and every main operating system at risk, Cybersecurity Teams are certainly going to have their work cut out for them when it comes to protecting the safety of users. 

Lazarus targets Windows IIS servers to distribute malware 

As of July 2023, it has also been revealed that Lazarus is breaching Windows Internet Information Service (IIS) web servers and using them to distribute malware. IIS is Microsoft’s web server solution that is mostly used for hosting websites and application services. 

The cybersecurity analysts at the South Korean company ASEC have reported that Lazarus has targeted the IIS server to gain access to corporate networks and distribute malware to visitors of these websites or users of the application services. 

What you can do to protect yourself 

Be cautious of unsolicited job offers 

Be skeptical of job offers that come out of the blue, especially if they appear too good to be true. Exercise caution and thoroughly research the company and the job opportunity before proceeding. Just because it appears to come from what appears to be LinkedIn does mean a scammer isn’t trying to trick you. 

Verify the legitimacy of the employer 

Conduct a background check on the company offering the job. Look for their official website, contact information, and online presence. Check if the company has a reputable reputation in the industry. 

Have good antivirus software on all your devices  

Antivirus software, on the other hand, provides more comprehensive protection by scanning your device for viruses, spyware, and other types of malware. It can also detect and remove malicious software that has already been installed on your device and alert you of any phishing emails or ransomware scams.  

Most importantly, antivirus software will prevent you from clicking a malicious link or opening a malicious PDF file that could install malware on your device in the first place. 

See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to CyberGuy.com/LockUpYourTech 

Double-check email senders and URLs 

Pay attention to email senders’ addresses and ensure they match the official domain of the company. With your antivirus software actively running on your desktop or laptop devices, carefully hover over links in emails to see the actual destination URL before clicking on them. Be cautious of any mismatch or suspicious URLs. 

Avoid sharing sensitive information upfront 

Be cautious about providing sensitive personal or financial information during the initial stages of the job application process.  Legitimate employers typically gather such details after a certain level of trust and progress in the recruitment process. Not at the beginning. 

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter 

Enable two-factor authentication (2FA) 

Enable 2FA whenever possible, especially on your email accounts, job portals, and any other platforms you use. This adds an extra layer of security by requiring a second verification step, usually a unique code sent to your mobile device. 

Keep your software updated 

Regularly update your operating system, applications, and security software to ensure you have the latest security patches and bug fixes. This helps protect against known vulnerabilities that hackers may exploit.