Human resources departments may get unsolicited emails from people looking for a job because, well, these are difficult times and a lot of people lose their jobs. But, as Sophos announced earlier this week, not all these emails come from out of work people that want to get a job. Oh no – they could come from people with malicious intent that want to propagate malware.
Earlier this week Sophos announced there is a there is a new spam campaign making the rounds online. The spam message looks like this: Subject: New resume Attached file: Resume_document_459.zip Message body: Please review my CV, Thank you!
SPONSORED LINKS
The attached file is in fact malware, not a CV/resume. If you receive such a spam message, you should delete it immediately. Whatever you do, do not download the attached zip file. If you do download the attachment, your computer may get infected with malware. Sophos detects the malware as Troj/Invo-Zip and Mal/EncPk-NS.
Sophos has now announced that the malware spreaders have tweaked this spam campaign a bit. The new spam emails look like this:
Subject: Please look my CV. Thank you. Attached file: My_Resume_6213.zip or My_Resume_317.zip Message body: Hello! I have figured out that you have an available job. I am quiet intrested in it. So I send you my resume, Looking forward to your reply. Thank you.
“Make sure your staff, including employees who work in the human resources department, are aware that the bad guys are distributing their attacks in this way, and check that you have a solid defence in place,” commented Senior Technology Consultant with Sophos, Graham Cluley.
In related news, also watch out for spam messages that claim you received a $50 iTunes gift. These messages also have malware attached to them (more on this topic here ).
Human resources departments may get unsolicited emails from people looking for a job because, well, these are difficult times and a lot of people lose their jobs. But, as 