HR Departments Targeted in Sophisticated Phishing Attacks
By Netvora Tech News
Cybercriminals are targeting human resources departments with phishing attacks, according to security experts at Arctic Wolf. The attacks involve emails sent to HR personnel with links that appear to lead to a job candidate's personal website. The website prompts HR staff to download a resume, but they must first solve a CAPTCHA puzzle, a step that lets the site evade automated scanners.
The downloaded zip file contains a .lnk file and a .jpg file. The .lnk file executes a script that loads Microsoft WordPad as a decoy, while in the background, a backdoor is installed, granting attackers access to the system and allowing them to execute additional files.
Arctic Wolf warns that these attacks are being carried out by a financially motivated group of attackers. The security firm advises HR personnel to be vigilant about .lnk, .iso, or .vbs files and offers training to help them stay safe from these sophisticated phishing attacks.
How the Attack Works
- HR personnel receive an email with a link to a job candidate's personal website.
- The website prompts HR staff to download a resume, but first, they must solve a CAPTCHA puzzle.
- The downloaded zip file contains a .lnk file and a .jpg file.
- The .lnk file executes a script that loads Microsoft WordPad as a decoy.
- In the background, a backdoor is installed, granting attackers access to the system and allowing them to execute additional files.
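A defender-side check for the archive described above, as an added example that is not from Arctic Wolf or the original article: it lists a zip's entries without extracting them and flags the .lnk, .iso and .vbs file types named in the advice, plus the shortcut-with-image pairing. The function names, the image extension list and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions the article says HR staff should be wary of.
RISKY_EXTENSIONS = {".lnk", ".iso", ".vbs"}
# Assumption: image types treated as possible decoys next to a shortcut.
IMAGE_EXTENSIONS = {".jpg", ".jpeg", ".png"}


def final_extension(name):
    """Return the last extension, lower-cased, ignoring trailing dots/spaces."""
    cleaned = name.replace("\\", "/").rstrip(". ")
    return PurePosixPath(cleaned).suffix.lower()


def triage_archive(data):
    """Inspect a zip (bytes) without extracting it; return a findings dict."""
    findings = {"risky": [], "shortcut_with_image": False}
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        names = [i.filename for i in archive.infolist() if not i.is_dir()]
    extensions = [final_extension(n) for n in names]
    # Only the final extension counts, so "Resume.pdf.LNK" is still a shortcut.
    findings["risky"] = sorted(
        n for n, ext in zip(names, extensions) if ext in RISKY_EXTENSIONS
    )
    # The pattern from the article: a .lnk shipped together with a .jpg.
    findings["shortcut_with_image"] = (
        ".lnk" in extensions and any(e in IMAGE_EXTENSIONS for e in extensions)
    )
    return findings


def build_sample(entries):
    """Build a constructed in-memory zip with placeholder contents."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name in entries:
            archive.writestr(name, b"placeholder")
    return buffer.getvalue()


if __name__ == "__main__":
    sample = build_sample(["Resume.pdf.LNK", "photo.jpg"])  # constructed sample
    print(triage_archive(sample))
```
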
These targeted phishing attacks highlight the importance of cybersecurity awareness and employee training in protecting against sophisticated cyber threats.