Beware – that dream job offer could actually be a malware scam

Don't let your excitement keep you from being cautious

Overseas hackers target American benefits

Fox News senior national correspondent William La Jeunesse reports on scammers targeting SNAP benefits, welfare, unemployment insurance and more through debt or EBT cards.

The software company ESET has revealed that hackers are now trying to trick people looking for employment by giving them excellent job offers that are actually fake. 

Those who have experience with the operating system Linux are the initial targets, and the criminal hacker group Lazarus is working hard to additionally target people who work in the software or DeFi (Decentralized Finance) platform industries.  We expect this threat to expand into other areas of focus. 

How are hackers tricking people? 

The hackers with Lazarus, which has previously been thought to be affiliated with the North Korean government, are mostly using social media sites like LinkedIn to send messages with job offers to its victims. 

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO’S  

beware that dream job offer could actually be a malware scam

Beware of fake job offers (ESET)

However, the messages are simply a ploy to get the victims to download malware.

Beware of malware hidden in fake job offers 

In the message, the hacker will say that the job seeker has been offered a wonderful position and attaches what looks like a PDF file, stating that this is the offer agreement and that the person must download it to view the details of the newly offered job opportunity. 

If the person clicks the file to download it, then a fake PDF file will appear to fool them while the malware downloads a payload in the background and infects their device. 

Threat grows wider to all computer operating systems 

Launching this malware directly at Linux means that Lazarus has officially been successful in targeting all major desktop operating systems. 

They overlapped with Operation In(ter)ception, which initially started with aerospace, military, and defense companies that used Windows-only tools. 

They then moved on to targeting macOS in July and August starting last year and have now conquered the Linux operating system as well. 

ESET also claims that Lazarus also attacked the 3CX Phone System back in March 2023, which is used by more than 12 million users daily, including companies like American Express, Coca-Cola, and McDonald's. 

TOP BROWSERS TARGETED BY NEW MALWARE TO STEAL YOUR SENSITIVE DATA  

beware that dream job offer could actually be a malware scam

Graphic shows malware's cycle (ESET)

With all these major companies and every main operating system at risk, cybersecurity teams are certainly going to have their work cut out for them when it comes to protecting the safety of users. 

Lazarus targets Windows IIS servers to distribute malware 

As of July 2023, it has also been revealed that Lazarus is breaching Windows Internet Information Service (IIS) web servers and using them to distribute malware. IIS is Microsoft's web server solution that is mostly used for hosting websites and application services. 

The cybersecurity analysts at the South Korean company ASEC have reported that Lazarus has targeted the IIS server to gain access to corporate networks and distribute malware to visitors of these websites or users of the application services. 

What you can do to protect yourself 

Be cautious of unsolicited job offers 

Be skeptical of job offers that come out of the blue, especially if they appear too good to be true. Exercise caution and thoroughly research the company and the job opportunity before proceeding. Just because it appears to come from what appears to be LinkedIn does mean a scammer isn't trying to trick you. 

Verify the legitimacy of the employer 

Conduct a background check on the company offering the job. Look for their official website, contact information, and online presence. Check if the company has a reputable reputation in the industry. 

Have good antivirus software on all your devices  

NEW MALWARE IS TARGETING MAC OS AND CAN STEAL SENSITIVE INFORMATION FROM YOUR DEVICES  

Antivirus software, on the other hand, provides more comprehensive protection by scanning your device for viruses, spyware, and other types of malware. It can also detect and remove malicious software that has already been installed on your device and alert you of any phishing emails or ransomware scams.  

Most importantly, antivirus software will prevent you from clicking a malicious link or opening a malicious PDF file that could install malware on your device in the first place. 

See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to CyberGuy.com/LockUpYourTech 

Double-check email senders and URLs 

Pay attention to email senders' addresses and ensure they match the official domain of the company. With your antivirus software actively running on your desktop or laptop devices, carefully hover over links in emails to see the actual destination URL before clicking on them. Be cautious of any mismatch or suspicious URLs. 

Avoid sharing sensitive information upfront 

Be cautious about providing sensitive personal or financial information during the initial stages of the job application process.  Legitimate employers typically gather such details after a certain level of trust and progress in the recruitment process. Not at the beginning. 

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter 

Enable two-factor authentication (2FA) 

Enable 2FA whenever possible, especially on your email accounts, job portals, and any other platforms you use. This adds an extra layer of security by requiring a second verification step, usually a unique code sent to your mobile device. 

Keep your software updated 

Regularly update your operating system, applications, and security software to ensure you have the latest security patches and bug fixes. This helps protect against known vulnerabilities that hackers may exploit. 

Use strong, unique passwords 

BEWARE OF CHERRYBLOS, THE ANDROID MALWARE THAT STEAL PASSWORDS

beware that dream job offer could actually be a malware scam

Malware on the laptop screen (Cyberguy.com)

Create strong and unique passwords for all your accounts, including your email, job portals, and any other online platforms you use.  Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess.  

Second, it also keeps track of all your passwords in one place and fills passwords in for you when you're logging into an account so that you never have to remember them yourself.  The fewer passwords you remember, the less likely you will be to reuse them for your accounts. 

Check out my best expert-reviewed password managers of 2023 by heading to CyberGuy.com/Passwords 

Kurt's key takeaways 

Hackers are increasingly targeting individuals seeking employment by offering fake job opportunities, particularly on social media platforms like LinkedIn.  

This highlights the importance of being cautious, verifying the legitimacy of employers, double-checking email senders and URLs, avoiding sharing sensitive information upfront, enabling two-factor authentication, keeping software updated, and using strong, unique passwords.

Additionally, installing reliable antivirus software on all devices is crucial for protection against malware and phishing attempts. By taking these precautions, you can significantly reduce your risk of falling victim to fraudulent job schemes and safeguard your personal and professional information. 

What measures do you take to protect yourself from cybersecurity threats? Have you ever been a target? How did you handle the situation? Let us know by writing us at Cyberguy.com/Contact 

For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Copyright 2023 CyberGuy.com.  All rights reserved. 

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Authored by Kurt Knutsson, Cyberguy Report via FoxNews August 4th 2023