Job application scam fleeces company of $150,000
'Dear Sir or Madam: Please click here'
A scam that targets businesses posting help-wanted ads online has already fleeced one company of $150,000, according to an advisory from the FBI that warns other businesses to be wary.
The emails, which are sent in response to ads placed on employment websites, contain attachments that when opened infect the user's PC with malware. Once the machine is compromised, the hackers use it to access the victim's online bank account. The scam recently took one unnamed business for $150,000, according to the FBI's Internet Crime Complaint Center.
“The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts,” Wednesday's advisory stated. “The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud US businesses.”
The campaign has been around since at least July, SonicWall said here. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust