Malware attack: ‘New resume: Please review my CV, Thank you!’

In the current economic climate many people may find themselves in the unfortunate position of having to look for a new job, and human resources departments around the world are probably becoming more used to finding ad-hoc applications arriving out of the blue in their email inboxes.

Well, if you receive an email claiming to be a resume (or CV as we usually call them here in the UK) you should exercise some caution, as there’s a malware attack currently being spammed out around the world – designed to infect your computer.

New resume malware attack

The emails, which are short and to the point, have the following characteristics:

Subject: New resume
Attached file:
Message body: Please review my CV, Thank you!

Hmm.. hardly the most convincing job application I’ve ever seen – they haven’t even given any clues as to which role they might be applying for. However, you or some of your users might still be tempted to open the attached CV to see if it sheds any more clues as the point of the communication.

And if you do make the mistake of open the attached file, you risk infecting your Windows computer with malware.

Sophos is intercepting the threat proactively as Troj/Invo-Zip and Mal/EncPk-NS. Users of other security products would be wise to check that they are up-to-date, just in case.

Don’t make life easy for the cybercriminals. Always remember to be suspicious whenever you receive an unsolicited email out of the blue. After all, you could be making your very own career-limiting move if you help a hacker’s malware break into your company.