Recruitment Phishing Scam Imitates Hiring Process

SUMMARY :

A sophisticated phishing campaign has been discovered that exploits recruitment branding to deliver malware. The attack begins with a phishing email impersonating a recruitment process, directing victims to a malicious website. Users are prompted to download a fake application, which serves as a downloader for the XMRig cryptominer. The malware performs environment checks to evade detection, downloads configuration files and the XMRig executable, and establishes persistence through multiple methods. This campaign highlights the importance of vigilance against phishing scams, particularly those targeting job seekers. Organizations are advised to educate employees on phishing tactics, monitor for suspicious network traffic, and employ endpoint protection solutions to detect and block malicious activity.

OPENCTI LABELS :

phishing,social engineering,cryptominer,recruitment,job seekers


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Recruitment Phishing Scam Imitates Hiring Process