Social engineering. Cybercriminals posing as recruiters to approach staff with bogus job offers

Foto de fauxels en Pexels

#kymatio #internalrisk #awareness #humanfirewall #notonlyphishing

Cybercriminals posing as recruiters on networks like LinkedIn and WhatsApp to approach AstraZeneca staff with bogus job offers.

LONDON (Reuters) – Suspected North Korean hackers have attempted to break into the systems of British pharmaceutical company AstraZeneca in recent weeks as the company rushes to roll out its COVID-19 vaccine.

The hackers posed as recruiters on LinkedIn and WhatsApp to approach AstraZeneca staff with bogus job offers, the sources said. They then submitted documents purporting to be job descriptions that were infected with malicious code designed to access the victim’s computer.

The hacking attempts targeted a “broad set of people,” including staff working on the COVID-19 investigation, one of the sources said, but they are not believed to have been successful.

AstraZeneca, which has become one of the top three developers of COVID-19 vaccines, declined to comment.

Any stolen information could be sold for profit, used to extort money from victims or give foreign governments a valuable strategic advantage as they fight to contain a disease that has killed 1.4 million people around the world.

It is absolutely key to actively work with employees on the multiple possible methods of social engineering attack.