The FBI has found that many cyber criminals are now targeting employers who have been posting employment opportunities online.
Scam artists are sending emails containing malware to businesses in response to an email ad and then accessing the online banking credentials of the person who was authorized to manage financial transactions within the company.
Here’s what you need to know about this particular type of scam:
What is this Type of Email Malware Scam?
While email scams are on the rise, this particular malware scam is one of the most damaging because it involves a company’s financial transactions.
The FBI reports that more than $150,000 was stolen from a U.S. business via unauthorized wire transfer as a result of an email that contained malware recently. The malware was embedded right in the email and was sent as a response to a job posting from an employer.
The attacker was able to obtain the online banking credentials of the person responsible for managing the financial transactions within the company and then changed the account settings to send wire transfers to domestic and overseas accounts.
The malware was connected to the ZeuS/Zbot Trojan, commonly used by cyber criminals around the country.
How the Email Malware Scam about Online Job Postings Works
These scams are designed to defraud the recipient by automatically authorizing a malware download onto the recipient’s computer and then extracting confidential or sensitive information. These strange emails are typically sent in response to a job ad.
How to Avoid the Email Malware Scam about Online Job Postings
The FBI recommends being vigilant when opening emails from anyone replying to a job ad and to always have an anti-virus program running to catch any potential viruses or malware downloads.
It’s also a good idea to run a virus scan before opening any email attachments. And authorities suggest using separate computer systems to conduct financial transactions.
What to Do If You Fall for the Email Malware Scam about Online Job Postings
If you have been victimized by this type of cybercrime, you should contact your financial institutions immediately and put an alert or “freeze” on your accounts. Contact the police, and also report the incident to the Internet Crime Complaint Center (IC3) by visiting www.ic3.gov. Another option is to contact your local FBI office right away. Make sure you provide plenty of details and any printed copies of the emails you received so that the authorities can trace where these were coming from.