THREAT LEVEL: HIGH
Beware of unsolicited resumes!
This attack uses both infected attachments, and compromised websites to infect your computer!
Unsolicited resumes have been received worldwide. The email contains a zip file the sender claims is a copy of their resume. The zip file contains extremely nasty malware, called the Angler exploit kit (EK), that attacks your computer from several angles at the same time, until it finds a vulnerability.
Sample of an actual received email:
Since the end of May, CyberCriminals have started 2 new ransomware attacks, using both malicious spam and the Angler exploit kit (EK). The attack wave increased significantly since the beginning of June.
Both campaigns are very active as of Friday June 12th.
The path of infection:
How To Prevent Infection:
- DO NOT open any attachments that look anything like “my_resume.zip”.
- DO NOT visit unknown websites.
- Make sure all the applications on your computer are up to date.
- You can go to Secunia to download the free Secunia PSI. This scans for old software versions that need to be updated.
- Call Technology by Design at 1-204-800-3166 and ask about our Core Security Package.