Malicious email with a resume attached

Real World Examples of Social Engineering Attacks

Social engineering is basically defined as manipulating people into giving up confidential information. Social engineering can occur in person, by phone, or electronically (phishing email, fake website, etc.) and is the easiest way to breach a company, network, computer, etc. Your network and/or devices can be extremely secure, but clicking on one malicious link or attachment within a phishing email, visiting a malicious website, downloading a malicious app/program/file, or allowing a malicious person physical or virtual access to your device and/or office can slice right through your security. Attackers have found clever ways to use human nature against us to trick us into clicking something, revealing private information or allowing physical or virtual access to things we wouldn't normally do. We will go over some common warning signs to look for, provide ways to prove the legitimacy of an email, verify someone's identity, as well as provide examples of actual, real world social engineering attacks to help you better protect yourself, your family, friends, and clients/customers.

Lately there has been a push of phishing emails containing malicious resume’s. Sometimes they are sent to people in human resources (HR), job placement personnel, hiring managers, etc., but there are times where the same emails have been sent to normal people not in the job hiring process. In this instance, the email recipient didn’t pay attention to the warning signs and ended up being infected with ransomware. We will go through the email and point out the warning signs that should have alerted the recipient to its malicious intent.

A lot of people know to ignore unsolicited emails with suspicious attachments, but is a resume’ considered a “suspicious” attachment? It should be if it is sent from someone you don’t know, but yet people still open them. Here are some screen shots of such a phishing email with some warning signs to look for.

Here is the email the recipient received:

The main warning sign is the use of a password. There’s no reason someone would password protect their resume, especially if they were sending it to someone they thought would help get them a job.

When the recipient attempted to open the attachment, they were presented with a password prompt.

Again, having to enter a password for an attachment, especially one from someone you don't know and for a resume' is a clear warning sign something isn’t right.

After typing the password, the recipient was presented with the following.

There's no reason to enable macros in a resume', so yet another warning sign for the recipient.

The recipient enabled macros and ended up being infected with ransomware. They were presented with the following screen.

It is recommended from everyone in the security industry, government agencies, etc., to NEVER pay the ransom. It will possibly make you a bigger target in the future, there are times where the decrypt key doesn't work to unlock the files, etc.

The best defense against ransomware is to have good backups and of course be cautious about opening attachments or clicking links in unsolicited emails, especially emails with malicious warning signs.

Logical Cybersecurity

Logical Cybersecurity

Real World Examples of Scams and Phishing Emails

Logical Cybersecurity

Real World Examples of Social Engineering Attacks

Malicious email with a resume attached