Cyber crooks are impersonating well-known recruitment companies such as Michael Page to lure email users into downloading harmful files via phishing emails.
Crooks are known for impersonating entities such as banks, social media companies and sites like PayPal and eBay to try to lure recipients into clicking email links that are decidedly bad for their online security. It’s called phishing, and it remains one of the most notorious and prolific scams on the Internet.
And now we’ve seen a rise in scams whereby crooks are impersonating recruitment companies to help lure victims into compromising their own security.
Just as with banks and social media companies, impersonating recruitment companies can offer crooks a potential way to create social engineering tricks to deceive email users. After all, the law of numbers demands that if you send these scam emails out to enough people, at least some of those recipients will be keen to hear about new potential job prospects.
The scam emails that have been landing in our inbox this week have been impersonating Michael Page, a reputable recruitment company that operates in the UK and US and elsewhere. The emails claim that a profile page has been set up for the recipient and urge the recipient to review their new profile page by clicking a link.
Recipients who click the link are asked to complete a CAPTCHA puzzle before being prompted to download documents.
Those “documents” actually arrive in the form of a compressed ZIP folder, and inside that ZIP folder is a web shortcut file disguised as a PDF document (the crooks have just added .pdf into the filename). That web shortcut – if opened – directs to malicious websites that will proceed to download … you guessed it … malware, onto a victim’s device.
That means these scam emails are nothing more than phishing scams designed to lure victims into downloading malware.
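The disguise described above (a shortcut inside a ZIP with .pdf added to its name) can be checked for before anyone opens the attachment. The following is an added example, not part of the original article; it assumes the web shortcut is a Windows `.url` file, and the file names and URL in the sample are constructed.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: the article only says "web shortcut file"; on Windows that is
# normally a .url file, and .lnk shortcuts are checked for as well.
SHORTCUT_EXTS = {".url", ".lnk"}
# Document extensions that may be added to a name as a decoy.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf"}


def parse_url_shortcut(data: bytes):
    """Return the URL= target of an INI-style .url file, or None."""
    for line in data.decode("utf-8", errors="replace").splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip().upper() == "URL":
            return value.strip()
    return None


def find_disguised_shortcuts(zip_bytes: bytes):
    """List archive members whose final extension is a shortcut type, and
    note whether a document extension precedes it (e.g. 'cv.pdf.url')."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if info.is_dir() or not suffixes or suffixes[-1] not in SHORTCUT_EXTS:
                continue
            target = None
            # Only read small .url members; the shortcut is never opened.
            if suffixes[-1] == ".url" and info.file_size <= 64 * 1024:
                target = parse_url_shortcut(zf.read(info))
            decoy = any(s in DECOY_EXTS for s in suffixes[:-1])
            findings.append({"name": info.filename, "decoy": decoy, "target": target})
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample: one harmless text file and one disguised shortcut."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample")
        zf.writestr("Profile_Review.pdf.url",
                    "[InternetShortcut]\r\nURL=https://example.invalid/landing\r\n")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in find_disguised_shortcuts(build_sample_zip()):
        print(finding)
```

Windows hides the `.url` extension by default, which is why a name like this appears to end in `.pdf`; the check reads the real final extension from the archive listing instead.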
There are, of course, plenty of red flags to warn potential victims before it’s too late.
Firstly, if you haven’t signed up for Michael Page, then you shouldn’t get an email from them. Unsolicited emails like this are usually the first warning.
Secondly, the emails – as with most generic mass-mailed phishing scams – use generic greetings. Most of these emails use the greeting “Dear jobseeker”.
Thirdly, the links in the emails don’t direct users to the official Michael Page website. They go to patently spoofed domains such as michael-page-uk-s04.com. Hopefully most of our readers will know not to trust anything from such a domain.
Fourthly, check the From: email address. While in many cases this can be spoofed to appear legitimate, in the case of these Michael Page scam emails, the From: email addresses were from random domains, thus easily revealing the emails to be fake.
Finally, in this day and age, reputable companies are rarely going to send you unsolicited emails requesting that you complete the dreaded combination of clicking a link and then downloading a file. Any request to do this should be treated as a scam by default.
Michael Page has warned potential victims of the global phishing email campaign on its website.