Symantec Security Response has recently discovered a new twist on an old problem for those seeking a new position. In the past, there have been scams targeting job seekers, just as there are scams targeting almost any vulnerable group (e.g. children, the elderly, online daters). Some of the previous job-seeker scams required applicants to cough up fees to sign with work agencies, pay setup costs for “work at home” schemes, and so on. When the FBI nabbed the money laundering team of the Zeus Trojan crime ring, the participants were referred to as “money mules.” Many of them were in the United States on temporary or student visas, using their time in the US to establish bank accounts and other credentials to launder money obtained with stolen online banking credentials. The piece of malware that recorded the victim’s online banking credentials was called “Zeus.” But the money mules in the Zeus story were willing cybercriminal participants.
The new money mule scam our researchers are reporting doesn’t use willing participants to launder money. No, it targets people who have innocently posted their resumes online or responded to job ads. A vigilant cybercriminal or team of crooks monitors job boards and uses information from the posted resumes to contact the hopeful applicants about potential opportunities with “art dealers” or other fake businesses. The victims are sent forms to fill out, requiring a long list of private financial details, in return for an opportunity to be considered for the position of “payment processor.” Sometimes the form is part of a “suitability test,” and the applicant is asked to provide the name and account numbers on their bank account, online banking login information including passwords, and whether or not a local branch of a major financial wire house is nearby.
We’re concerned that anyone might fall for this scam, so if you are a Norton customer who unwittingly downloads the interactive form, you will be happy to know that your up-to-date Norton security software will detect this scam as “Fakesurvey.”
Don’t be afraid to use legitimate online job sites. I was hired by Symantec 14 years ago through an online job posting. A good strategy is to double-check online postings on job sites to see if the position is also listed in the careers section of the company’s own website. Of course, the very best job-seeking strategy is to be cautious, be aware of whom you are dealing with, limit the amount of private information you post online, and never respond to an unsolicited job opportunity such as this. No one should ask for or receive banking information, and certainly never your online bank account login credentials. It is possible you will be asked for your Social Security Number on a job application, as it is common to run credit checks on possible employees. Keep track of any such submissions and make sure you regularly review your credit report at www.annualcreditreport.com.