Anyone job hunting should carefully review the job offers they receive. Anything appearing too good to be true is often that: too good to be true. According to many cases, people have found these opportunities come from a fake job campaign that intends to distribute malware to the unwary.

The Scam

Hackers have found a way to distribute this malware through social media. They use fake social media accounts and present themselves as recruiters for prominent companies. Victims who interact with these “recruiters” may believe them legitimate enough to accept the infected links they send as part of the fake job offers.

Usually, these links lead to a website requiring the victim to solve a CAPTCHA challenge. This step intends to solidify the belief that this is legitimate. Afterward, the victim may download a document detailing the job expectations. However, this document carries a malicious macro for the hacker to exploit. 

This macro retrieves the malware from another location and infects the device that downloaded it. Once infected, the malware can monitor and steal sensitive information the user inputs or saves. Unfortunately, researchers have not discovered the goal of this malware. 

Steps to Avoid the Malware

The best way to avoid this scam is by staying cautious about any job offers you receive. Research the company making the offer, including their contact information and website, to ensure the details match. When you find an open position online, check their website or contact the company directly to ensure it is legitimate.

Never automatically trust offers coming from a prominent social media site. It has proven easy for hackers to pretend they work for legitimate companies. However, cautiousness alone is not enough. Here are other steps to take to protect yourself from hackers:

• Use anti-virus software. Though this software may not protect you from all malware, its scans can detect and protect you from most. This software can also remove malicious software already on your device and prevent you from clicking or opening infected files.
• Update your operating system. Make sure you keep your operating system and applications up to date. This step can make your device less vulnerable to hackers.
• Avoid sharing sensitive information early in the hiring process. Jobseekers should avoid sharing too much, too soon. Most reputable employers request information later in the hiring process. As such, any recruiter asking for personal or financial details early in the application is likely a fraud.
• Check the sender’s email address and details. Verify the sender’s email address matches the company’s official domain. Should the email contain links, ensure you hover over it before clicking. If you look in the screen’s bottom left corner, you will see the URL’s destination. You should act cautiously if the link does not match the destination.

Receiving job offers is exciting and often a breath of relief. However, job hunters should do their due diligence and ensure its legitimacy. Follow the steps shared above to improve your chances of avoiding fake job offers. Should you receive a legitimate job offer, consider running a self-background check to ensure hackers did not get your information beforehand. Self-checks also allow you to correct errors and prepare explanations for any negative information.

You can stay one step ahead of hackers and identity thieves by running a quick self background check. Click here to get started.

Source