The FBI issued a warning today about scammers targeting businesses by responding to job postings with malware.
According to the feds, an unidentified business was recently scammed for $150,000 via an unauthorized wire transfer. The scammer targeted the business with an e-mail containing malware. The e-mail was in response to a job posting the business placed on an employment Website and allowed the attacker to get his or her hands on the online banking credentials of the person authorized to conduct financial transactions within the company.
“The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts,” according to the notice from the FBI’s Internet Crime Complaint Center (IC3). “The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud US businesses.”
The FBI’s advice: Be careful what attachments you open.