Threat Alert: Job Offer Message Lures 

• Cybercriminals have launched a series of phishing attacks purporting to be a job recruitment company. These attacks are designed to spread malicious software (malware) to unsuspecting recipients. 
• The emails use job-themed lures to convince targeted individuals to click links leading them to a landing page that is personalized with the recipient’s email and has job offer documents available for download via a ‘Review Document’ button. 
• If the ‘Review Document’ button is clicked, a download button appears prompting recipients to download a password-protected ZIP containing a decoy PDF and malicious files. 

Key Actions (at Work and at Home) 

• Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well-known organizations. 
• Verify the legitimacy of any unsolicited/unexpected email before you interact with it, especially if it directs you to click on a link or leads you to a file download. It can be tempting to click on a “call to action,” but if you want to check the validity of a job posting, it’s safest to go directly to a known, trusted website or application. 
• Be wary of enticing offers. Attackers try to manipulate people’s emotions in various ways, such as with the promise of a desirable job or a “too good to be true” offer.   
• Be wary of convoluted steps. Recruiters typically provide job-related details directly in the body of their message. Convoluted steps to learn about a job description, such as following a link to then download a file, should be treated as a warning sign. 
• Report ANY suspicious emails using the Phish Alarm button. Remember: Our organization occasionally sends phishing simulations.