Searching for jobs online? Your sensitive information can be at risk - Know how to be safe

Safe Job Search Online: We are listing news about layoffs almost every day. The current economic climate globally is grim but there are people out there who are taking advantage of this situation. Due to ongoing layoffs, several job seekers are hunting for suitable jobs and most of the time people search for them online. Taking advantage of this, cybercriminals are using phishing and malware campaigns to target job seekers and are stealing sensitive information.

How do phishing attacks target job seekers?

In phishing attacks, job seekers receive emails from fake companies or recruitment agencies. The mail asks job seekers to share personal information or login credentials. These emails, which look legitimate, are designed to steal sensitive information. According to research by cyber-security firm Trellix, these emails steal information such as passwords or financial information.

Malware campaigns targeting job seekers

In malware campaigns, people searching for jobs online get malicious attachments or URLs to websites. These malicious attachments can infect their devices with malware or download malicious software. The malware can then be used to steal sensitive data or gain unauthorised access to the job seeker's device and the data stored on it, according to the report.

Moreover, the report highlighted that employers are also being targeted by cybercriminals. For this, these attackers pose as job seekers and exploit employers by delivering malware through attachments or URLs that are disguised as resumes or identification documents of the applicant.

The report said that such attacks are becoming increasingly common as cybercriminals take advantage of the high volume of job applications that employers receive. These attacks aim to gain unauthorised access to sensitive information, steal personal data, and disrupt the organisation's operations.

Cybercriminals try to make job-themed emails look legitimate

According to the report, it was observed that cybercriminals are utilising fake or stolen documents, such as social security numbers and driver's licenses, to make job-themed emails appear more legitimate.

Cybercriminals hope to increase the perceived credibility of the email by including fake or stolen documents, making it more likely that the recipient will fall for the scam.

The researchers found that more than 70 per cent of all job-themed cyberattacks were targeted towards the US.

The attacks were also observed in other countries like Japan, Ireland, UK, Sweden, Peru, India, the Philippines, Germany, and more, even though the percentage of attacks towards other countries was significantly lower than in the US, the report mentioned.

How to be safe?

It is always advised to be extra careful while replying to any email or clicking links mentioned in the mail sent by unknown people. Also, crosscheck websites before sharing any personal information.