
Should You Trust Online Resumes


Computer hackers keep coming up with new ways to spread their malware. The latest ploy used the resume-posting site CareerBuilder as a launching platform to get malicious programs onto the computers and servers of various companies looking for employees through that site. According to IT security provider Proofpoint Inc., it is anticipated that this was a trial run and that other similar sites will also be targeted by the phishing scheme.

Here’s how the attack worked. An anonymous person posted a resume to the job site. The resume was in MS Word Rich Text Format (RTF) and had malware routines hidden within an included JPEG. Depending on the type of job that was being sought and the “qualifications” of the applicant, CareerBuilder would disperse those resumes via email to companies looking for certain types of applicants. The infected images were not detected because most anti-virus security programs do not scan JPEGs. Recipients would also be less likely to be suspicious of an image. Even security specialists checking potential incidents would not suspect that image files were hiding the malware they were seeking.

Since the emails came from CareerBuilder, a trusted source, recipients had no reason to suspect that malware would be included in the resume. Companies would open the resumes, which would begin the attack. In fact, the human resource departments of the companies that received these emails would forward them to other departments with the original resumes attached. The resumes were tailored to target jobs in engineering and finance, including “business analyst,” “web developer” and “middleware developer.”

Small-scale attack

Proofpoint informed CareerBuilder as soon as the scheme was discovered, and went on to say that CareerBuilder “took prompt action to address the issue.” Fewer than 10 emails containing the malware were distributed. The malicious attachments were MS Word documents named “resume.doc” and “cv.doc.”

One possible reason for the relatively small-scale attack is that a fictitious profile had to be established, and the jobs had to be applied for directly. This would be time-consuming and labor-intensive.

High rate of success

Most phishing attacks have a low success rate. Only 23 percent of people who receive a phishing email will open it, and only 11 percent of those who do will click on the link in the email that leads to the malware. However, since these emails came from a vetted source, the rate of infection would be extremely high.

Dealing with these emails

If you’re a recruiter, you need to be careful, but don’t over-react. Proofpoint contacted other similar sites, and those companies have most likely amped up their security and warned their customers.

Proofpoint also offered suggestions to these career websites. Resumes should be scanned for malware when they’re uploaded. The documents could be exported to a remote site, and links to the resumes could be sent to potential employers.
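
As an added example (not from the original article or from Proofpoint), the sketch below shows one way a job site could triage RTF resumes at upload time: it flags RTF content stored under a different file name, as with the “resume.doc” and “cv.doc” attachments, inventories embedded pictures and objects, and checks the markers of each embedded JPEG. The function names, the quarantine/forward actions and the sample documents are assumptions constructed for illustration, and the checks are heuristics, not a full RTF parser or a substitute for a malware scanner.

```python
import re

RTF_MAGIC = b"{\\rtf"
# RTF control words that introduce embedded pictures or OLE objects.
EMBED_WORDS = re.compile(rb"\\(pict|object|objdata|objemb)\b")
# \jpegblip, then further control words or a blipuid group, then the hex image data.
JPEG_PICT = re.compile(
    rb"\\jpegblip(?:\\[a-z]+(?![a-z])-?\d*(?!\d)\s?|\{\\\*\\blipuid[^}]*\}|\s)*"
    rb"([0-9a-fA-F\s]+)")

def jpeg_findings(data: bytes) -> list:
    """Decode each embedded JPEG; check its start marker and any trailing bytes."""
    out = []
    for i, m in enumerate(JPEG_PICT.finditer(data)):
        hexdata = b"".join(m.group(1).split())
        img = bytes.fromhex(hexdata[: len(hexdata) // 2 * 2].decode())
        if not img.startswith(b"\xff\xd8"):
            out.append(f"picture {i}: declared JPEG but no JPEG start marker")
        end = img.rfind(b"\xff\xd9")  # JPEG end-of-image marker
        if end != -1 and len(img) > end + 2:
            out.append(f"picture {i}: {len(img) - end - 2} bytes after JPEG end marker")
    return out

def triage_upload(filename: str, data: bytes) -> dict:
    """Heuristic upload-time triage: forward plain RTF, hold anything with embeds."""
    if not data.lstrip().startswith(RTF_MAGIC):
        return {"is_rtf": False, "action": "other-pipeline", "findings": []}
    findings = []
    if not filename.lower().endswith(".rtf"):  # Word also opens RTF named .doc
        findings.append("content is RTF but the file name says otherwise")
    words = sorted({m.group(1).decode() for m in EMBED_WORDS.finditer(data)})
    if words:
        findings.append("embedded content: " + ", ".join(words))
    findings += jpeg_findings(data)
    return {"is_rtf": True, "findings": findings,
            "action": "quarantine" if findings else "forward"}

# Constructed samples: marker-only fake JPEG in hex, then the same with 4 extra bytes.
FAKE_JPEG = b"ffd8ffe000104a464946ffd9"
PLAIN = rb"{\rtf1\ansi Jane Doe, business analyst}"
WITH_IMAGE = rb"{\rtf1\ansi CV{\pict\jpegblip\picw10\pich10 " + FAKE_JPEG + b"41424344}}"

if __name__ == "__main__":
    print(triage_upload("resume.rtf", PLAIN))
    print(triage_upload("resume.doc", WITH_IMAGE))
```

Documents that land in quarantine are the ones to hand to a full scanner or to serve only as a hosted link, in line with the suggestions above.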

Employers are encouraged to discuss the situation with their own IT security team to develop a course of action. Excellent employees are too valuable to slip through the cracks because you feared their resumes might be infected.
