Reports underscore need for security training, even for HR leaders
Hiring managers are advised to be "hyper-vigilant" of cyberthreats following reports of threat actors using fake resumes to gain access to sensitive company information.
Cybersecurity firm eSentire recently reported that it detected and blocked an attempted malware campaign against a firm in the industrial services industry.
The threat actor posed as a potential job candidate on a job listing platform and provided the recruiter a fake resume download site.
"When navigating to the site, the victim was met with a 'Download CV' button, which resulted in the download of a malicious Windows Shortcut File (LNK)," eSentire said on a blog post.
"Navigating to the same URL days later results in the individuals resume in plain HTML, with no indication of a redirect or download."
The threat was related to a “more_eggs” malware, which eSentire said is engineered to "steal valuable credentials, including usernames and passwords for corporate bank accounts, email accounts, and IT administrator accounts."
According to the cybersecurity firm, attackers not only pose as a potential candidate, but also as a recruiter. They also deploy this method during periods when hiring is typically at an increase.
The report comes amid growing concerns among executives that their next cybersecurity breach will be due to an internal staff error.
Stu Sjouwerman, CEO of KnowBe4, said the reported malware campaign highlights the need for security awareness training for all employees, even HR professionals.
"Hiring managers need to remain hyper-vigilant about vetting job applicants and purported resumes, especially those coming from sketchy websites or email contacts," Sjouwerman said on a blog post.
"If something seems off, stop and get that resume file properly scanned before downloading it. Corporate security policies and best practices must govern how recruitment teams handle candidate materials."