HR departments targeted by fake CVs & held to ransom by virus

HR departments targeted by fake CVs & held to ransom by virus

An email hacking virus is now targeting HR departments and forcing professionals to pay a ransom or lose all of their files.

The Inquirer reports that a ransomware called GoldenEye is targeting the departments with fake job applications, taking advantage of the fact that HR are accustomed to opening emails from unknown sources. The scam, which is playing out in Germany, starts with a relatively normal looking job application with two files attached.

The first is a normal CV, designed to lure you into a false sense of security, whereas the second contains malicious software.

Check Point, a security firm, explained: “When a user clicks ‘Enable Content’, the code inside the macro executes and initiates the process of encrypting the files, denying the victim access to his or her files.

“GoldenEye then, appends a random eight-character extension to each encrypted file. After all the files are encrypted, GoldenEye presents the ransom note: ‘YOUR_FILES_ARE_ENCRYPTED.TXT’. After displaying the ransom note, GoldenEye forces a reboot and starts encrypting the disk.

"This action makes it impossible to access any files on the hard disk. While the disk undergoes encryption, the victim sees a fake ‘chkdsk’ screen, as in previous Petya variants."

The ransom note demands 1.3 BitCoins (BTC), which is the equivalent of £810, for the return of the data. 

Most Read

Guide to Outplacement and Career Transition

Guide to Outplacement and Career Transition 2016

Get ahead of the game by registering now

* By registering you agree that you have read and agree to our Terms and Conditions and that Executive Grapevine International Ltd and its partners may contact you regarding relevant content and products.

Related Insights

HR Grapevine Magazine Latest Issue

Magazine Features

Read More