9
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu
Security researchers have discovered malicious files masquerading as CVs online that lure victims into giving up their banking passwords and other financial information.According to Check Point, the malicious Microsoft Excel files were sent via email with subject lines such as applying for a job or regarding job.
When victims open the attached files, they are asked to enable content and this allows for the ZLoader malware to be installed on their computers.
This banking malware is designed to steal credentials and other private information from users of targeted financial institutions.The malware also has the ability to steal any passwords and cookies stored in victim's web browsers.
Using this stolen information, cybercriminals can then connect to the victim's system and make illicit financial transactions from the banking user's legitimate device.Check Point researchers have recently seen an increase in CV-themed scams in the US.
During the past two months, the number of malicious files in CVs doubled with 1 out of 450 malicious files identified related to a CV file as cybercriminals try to exploit layoffs and remuneration schemes during the pandemic.In addition to CVs containing malicious files, Check Point researchers also found an increase in malicious medical leave forms circulating online.The documents, which use names such as COVID -19 FLMA Center.doc, infect victims with the IcedID banking malware that targets banks, payment card providers, mobile service providers and e-commerce sites.The aim of this malware is to try and trick users into submitting their credentials on a fake page as well as their authorization details that can be used to compromise user accounts.
These malicious files were sent via email with the subject line The following is a new Employee Request Form for leave within the Family and Medical Leave Act (FMLA).
To lure victims into opening these forms, cybercriminals sent them from different sender domains like medical-center.space.Manager of data intelligence at Check Point, Omer Dembinsky provided further insight on the findings of the company's researchers, saying:As unemployment rises, cyber criminals are hard at work.
They are using CVs to gain precious information, especially as it relates to money and banking.
I strongly urge anyone opening an email with a CV attached to think twice.
It very well could be something you regret.
