Imagine you’re casually scrolling through your LinkedIn newsfeed when you come across an ad for a position that you’re perfect for, at a company you’d love to be a part of. Considering you are on a website that knows your job title, industry sector, location, etc., you likely wouldn’t think much of it and proceed to find out more information, right? This is what the bad guys are betting on.
Once you respond to the ad and apply for your dream job, they’ll have your “would-be employer” respond and schedule a call, sometimes over Skype.
Once the bad guys have you where they want you–in your hopeful bliss of acquiring a new position–they’ll ask you to install a program (ApplicationPDF.exe) to “generate your online application”. What the program actually does is install malware on your computer.
LinkedIn’s reputation for being a professional networking platform inherently causes many of its users to lower their guard when it comes to cybersecurity. Just because an ad is on LinkedIn doesn’t mean you can trust it. Remember: Never download any questionable files (in this case ApplcationPDF.exe). If you’re interested in a position you find on LinkedIn, navigate to the company’s website to see if you can find it listed and apply for the position there.
Stop, Look, and Think. Don’t be fooled.