Cybersecurity experts from CrowdStrike have identified a new phishing scheme aimed at job seekers. Scammers impersonate the company’s HR managers and send emails inviting victims to job interviews. These emails include links to fake websites mimicking popular job search platforms.
Potential victims are asked to download a fraudulent CRM application for employees. Instead of legitimate software, their devices are infected with the XMRig miner, which is used to mine Monero cryptocurrency.
Once installed, XMRig embeds itself in critical system directories and deploys scripts to ensure it restarts every time the system is powered on. To avoid detection, the miner limits its resource usage but gradually reduces the device’s performance over time.
Recommendations from CrowdStrike
CrowdStrike has emphasized that, like most companies, it never asks job candidates to download any software as part of the interview process. Users are advised to verify all job invitations and postings through official company channels. Additionally, experts recommend avoiding links from suspicious emails.
According to a report by the analytics firm CertiK, phishing attacks in 2024 have caused record-breaking losses exceeding $1 billion. Stay vigilant and double-check information to protect yourself from such scams.
Related Articles:
- ZachXBT: Hacker Stole $500K via Phishing Attacks on X
- Scammers Target Pudgy Penguins NFT Users Through Google Ads
This post is for informational purposes only and is not an ad or investment advice. Please do your own research making any decisions.