Social engineering. Cybercriminals posing as recruiters to approach staff with bogus job offers

By Fernando MateusIn Cyberpsychology, Employee Cyber Risk, Insider intelligence, Strategic directionPosted 29 November, 2020

Ingeniería social. Ciberdelincuentes se hacen pasar por reclutadores para acercarse al personal con ofertas de trabajo falsas.

Foto de fauxels en Pexels

#kymatio #internalrisk #awareness #humanfirewall #notonlyphishing

Cybercriminals posing as recruiters on networks like LinkedIn and WhatsApp to approach AstraZeneca staff with bogus job offers.

LONDON (Reuters) – Suspected North Korean hackers have attempted to break into the systems of British pharmaceutical company AstraZeneca in recent weeks as the company rushes to roll out its COVID-19 vaccine.

The hackers posed as recruiters on LinkedIn and WhatsApp to approach AstraZeneca staff with bogus job offers, the sources said. They then submitted documents purporting to be job descriptions that were infected with malicious code designed to access the victim’s computer.

The hacking attempts targeted a “broad set of people,” including staff working on the COVID-19 investigation, one of the sources said, but they are not believed to have been successful.

AstraZeneca, which has become one of the top three developers of COVID-19 vaccines, declined to comment.

Any stolen information could be sold for profit, used to extort money from victims or give foreign governments a valuable strategic advantage as they fight to contain a disease that has killed 1.4 million people around the world.

It is absolutely key to actively work with employees on the multiple possible methods of social engineering attack.

Related information:

Kymatio launches a module to manage the risks of employee’s digital exposure

Related information:

New Kymatio module prepares employees for social engineering techniques

Fernando Mateus

https://www.linkedin.com/in/mateus/

Alert! Cyber scams now use QR codes to steal your user credentials 14 September, 2023
Today, cybercriminals have the ability to devise attacks and deceptions using any form of technology available. This implies that, when browsing the internet and also in the offline world, we must be careful in our actions, since we could fall into traps. In this article we will focus on the phenomenon known as QRishing or […]
Kymatio
Barbie Movie Phishing Alert: Don’t Be Fooled By Scams 8 August, 2023
Beware Of Barbie Scams – What You Should Know After The Recent Movie Release The Barbie movie has captivated audiences around the world, breaking box office records and generating tremendous excitement and enthusiasm among fans. However, as with any major news story, cybercriminals are quick to exploit the fervor surrounding the film for their own […]
Kymatio
Cybersecurity: also within the family 1 August, 2023
To many, the term “cybersecurity” may sound like a word related to the organizational field. Although it is true that it is a very important factor to take into account to ensure the security of the information that we handle in our workplace, it is not the only moment in which we must keep it […]
Andrea Zamorano
What is reverse social engineering and what makes it so dangerous? 18 July, 2023
In other previous publications we have already commented on the huge problem that social engineering represents today, both for organizations and for individuals. This is one of the main attack methods used by cybercriminals, and it does not seem to be stopping. Let’s remember that social engineers seek to exploit people’s vulnerabilities in order to […]
Andrea Zamorano
Sifted has chosen Kymatio as one of the startups to watch in the Deeptech-Cybersecurity category. 18 June, 2023
Sifted has included Kymatio in their prestigious selection of startups to watch, specifically in the Deeptech-Cybersecurity category. This recognition highlights Kymatio’s innovative approach and positions them as a leading player in the field. From Madrid to Milan, Bucharest to Berlin, startup innovators are rewriting the economy’s rules and making waves across the continent. With some […]
Kymatio
🔒 Cybersecurity and AI-Generated deception: Protecting authenticity in the digital era 🔒 10 June, 2023
In its most basic sense, a deepfake is a combination of artificial intelligence technologies that clone faces and voices, allowing the creation of computer-generated videos that resemble real individuals. In terms of security, deepfakes are going to be a nightmare. #artificialintelligence #security #humanfirewall #neurophishing Kymatio – Human Firewall Activation The growing popularity of artificial intelligence […]
Fernando Mateus
Responsibility of the board of directors against cybersecurity risk. Recommendations. 9 May, 2023
In 2022, a record number of cyber attacks was reached. There was a particularly notable increase in those based on obtaining the credentials of template members, installing malware, phishing, smishing or denial of service. It is worth noting the interest that criminals have in attacking employees and their derived risk towards the supply chain. This […]
Fernando Mateus
Beware off SMS text messages! The ‘Smishing’ returns 2 March, 2023
Have you received messages that say something like this: “For security reasons, we have blocked your card. Verify your account to activate access in the following link”, or “We have detected unusual movements in your bank account, by prevention, if not have you confirmed on our website by clicking on the following link “? These […]
Rafael Tuñon
Kymatio’s new AI prepares employees in a fully personalized way against Social Engineering attacks 1 March, 2023
Image by Gerd Altmann from Pixabay Kymatio® launches its new Social Engineering module so that employees can learn how to better protect themselves against this type of attack. Cybercriminals take advantage of people’s vulnerabilities to successfully carry out their attacks. To combat them, Kymatio® has developed neurophishing and neurosmishing functionalities. What are neurophishing and neurosmishing? […]
Kymatio
The human element is behind security breaches. We reviewed DBIR Verizon’s report on data breaches in 2022 and possible solutions 26 January, 2023
The human element continues to drive security breaches. In 2022, 82% of the breaches involved the human element. DBIR 2022 Verizon This is stated in the publication of Verizon 2022 Data Breach Investigations Report. It has already been 15 years since Verizon’s first annual data breach investigation report was released. In the 2022 edition, the 108-page […]
Fernando Mateus