Hackers are taking advantage of job hunters.
Wherever there are people in need of some manner of service or connection, there is always a group of bozos looking to take advantage of them. Everyone receives spam emails potentially laced with dangerous malware, but for the most part, we know better than to open them. However, the aforementioned bozos have found a new, particularly devious means of delivering viruses upon the heads of the unsuspecting: LinkedIn.
Reports from cybersecurity firm eSentire say that LinkedIn users have had their computers compromised by targeted phishing operations from hacker groups. This is a sub-genre of typically phishing methods known as “spear phishing,” wherein a bad actor creates a personalized message for a sender to trick them into opening it, as opposed to the usual spelling-error-filled dittos spammers send out. This is especially dangerous on a site like LinkedIn, where the majority of the userbase is trying to connect with companies to find jobs, and especially right now with the economy and unemployment situation being the way it is.
According to the reports, the hacker group would pull data from a LinkedIn user’s page, such as their name, experience, current job title, and so on, and use it to fabricate an extremely convincing job offer message. If this message is opened, a un-tracable backdoor is installed into your computer’s system, which a connected hacker could use for all kinds of dastardly deeds, such as identity theft, online payment rerouting, and other scary thoughts.
The amount of scamming going on, on LinkedIn by people pretending to job posters is scary. I applied for a job only to find out after a weird interview experience that the company’s account had been hacked.
— Tater Swift (@SnackEvangelist) April 7, 2021
These tainted messages can be difficult to avoid, especially if you’re in the midst of an involved job hunt. All you can really do is remain vigilant; do not accept unsolicited job offers without performing a thorough check of the “company” it’s from, and if you’re suspicious, contact LinkedIn’s Safety Center and forward them the message for analysis. You’ve already got enough headaches to deal with during a job hunt, you don’t need malware-slinging bozos on top of them.