THREAT ALERT — Phishing Scam
Cybercriminals using LinkedIn for Social Engineering Attacks
Job seekers – BEWARE – Cybercriminals are leveraging LinkedIn Messenger and fake job postings to spread known malware such as Ducktail and DarkGate.
Clicking the link in a fake job description sends victims to an unsafe website tied to malware-infected Google Drive files. Downloading these files can give cybercriminals access to victims' internet browser cookies and session data, which can also lead to the harvesting of victims' login credentials and other sensitive information.
The following tips can help protect you from similar scams:
- Develop a healthy suspicion of all unexpected messages, especially those with job offers from unfamiliar sources and random topics like package delivery updates, lottery winnings, IRS notices, etc.
- Always attempt to confirm or validate the identity of the sender. A quick Google search can help determine if the person, email, website, phone number, or address is related to a legitimate business. For job offers, go to the official company website to search and apply for jobs instead of following links in emails or messages.
IF YOU ARE SCAMMED, TAKE STEPS FOR IMMEDIATE ACTION
- Run a malware scan on your computer using an antivirus program.
- Run a scan to check drivers, and contact a trusted partner like Blackswan Cybersecurity to check as well; backdoors are sometimes hard to spot.
- Closely monitor accounts for any suspicious activity and change passwords for sensitive accounts such as email, bank accounts, and government websites such as Social Security.
- If money or anything else has been stolen, report the scam to law enforcement so they can take appropriate action and help prevent others from being scammed in the future.
Report all suspicious activity, incidents, phishing attempts, malware, and vulnerabilities to: CISA.gov/report.