Hackers are baiting spear phishing attacks with LinkedIn information

eSentire, a security organization has issued an alert about a recent hacking scheme that uses job applicants to gain access to company networks.

Most commonly, Golden chicken, a hacking community is responsible for spear phishing attacks. This hacking community works by sending fake job offers to people using the information present on their LinkedIn profile. An example of such a case is when Associate Editor received a zip file labeled as Associate Editor role. When this file is opened, more eggs Trojan will be installed on the computer of the job applicant. More eggs will allow the hacker to get access to the computer and download additional plugins.

The hacking system works similar to Windows as it is quite secretive and no one can differentiate between normal windows operations and a hacking operation. Reportedly, Golden Chickens is exporting their hack as malware to other hacking groups who are in search of a new target. According to Rob McLeod, Sr. Director of eSentire's Threat Response Unit (TRU), this phishing technique is more likely to be successful in the present economic environment than in any other condition.

Microsoft, which owns LinkedIn, issued the statement saying that LinkedIn is more often used by adults for job-seeking purposes. It has been used by millions of people on an everyday basis to search for and apply for work. When it comes to job hunting, it is important to ensure security, knowing the supervisor a person is speaking with, whether the job is legitimate and genuine, and knowing the tactics to prevent fraud attempts. According to Microsoft, LinkedIn does not allow fraud people to hack job seekers. To identify the fake accounts, a proper defense system is employed. Usually, both automated and manual defense system is used to detect fraud accounts. Any profiles or work postings that are found to be in violation of the policies will be removed from the platform.

Users should always be aware of the attachments no matter how persuasive the cover letter is. Before opening any attachment, cross-checking is necessary to make sure the file is safe to open. In an urge to get the job, applicants somehow accept the files that are not meant for job confirmation. Instead, they will be getting hacked by giving access to the hackers.

Read next: A recent Whatsapp scam has been identified, which is said to be more dangerous than the previous ones as it will come through from one of your contacts
Previous Post Next Post