“Greetings! I am writing to express my strong interest in working for your company”. This is how a malicious email starts. It has been intercepted by Gatefy's email security solution. In the message, the cybercriminal continues: “Please find attached my CV”. The big problem here: the attached file is malicious and has been identified as a trojan.
In case you don’t know, a trojan is a type of malware widely used in attacks, intrusions and data breaches. It’s even used as a gateway to other more dangerous and advanced threats, such as ransomware.
Now imagine the damage that an apparently simple email, with a curriculum vitae attached, can do to a company.
In this scam, the attacker uses an ISO file. An ISO file, however, is the image of an optical disc, such as a CD or DVD. In other words, ISO files have no connection with a curriculum vitae or resume, which is usually generated in PDF format.
We aren't saying that PDF files are completely safe and reliable. Quite the opposite: they can also be dangerous. But even on a first reading of the email, an ISO attachment already stands out as strange and out of the ordinary, something very suspicious that requires attention.
Another factor that raises doubt is the attacker's domain. The message's sender is email@example.com. A quick search on the internet shows that the intercoil.com domain is owned by a Dubai-based company that works with sleep products.
Apparently, the cybercriminal is using the domain of a legitimate company to run scams and spread malware, which characterizes a spoofing scam.
How email spoofing works
In short, email spoofing occurs when a scammer creates a false sender to deceive victims. In fact, most of the time, the bad guy appropriates a brand and its credibility to commit fraud and scams.
According to the FBI, in 2019, around 25,000 cases of spoofing were reported worldwide, totaling losses of USD 300 million. By the way, spoofing is one of the fastest-growing scams according to the United States agency.
How to fight spoofing attacks
In the case of emails, there are message authentication mechanisms and solutions that help fight spoofing, such as the Gatefy Anti-Fraud Protection, a solution that uses DMARC, SPF and DKIM to protect your company's brand and domain.
A Secure Email Gateway (SEG) is another solution that prevents and fights email attacks such as phishing and social engineering. Email gateway and anti-fraud products work together for more complete protection.
Besides that, security awareness is very important as well. Therefore, it's essential that you and your team pay attention to emails and websites that require confidential information, carefully check email addresses and websites, and don’t click on suspicious attachments and URLs.
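As an added example (not Gatefy's code and not part of the original article), the Python code below triages a message for the two warning signs described above: a disk-image attachment posing as a CV and a sender domain that does not pass DMARC. It assumes the receiving mail server records its DMARC verdict in an Authentication-Results header; the addresses, the extension list and the sample message are constructed for illustration.

```python
import email
import os
import re
from email import policy
from email.message import EmailMessage

# Disk-image extensions that make no sense for a CV (assumed list, extend as needed).
DISK_IMAGE_EXTS = {".iso", ".img", ".vhd", ".vhdx"}
ISO_MAGIC_AT = 0x8001  # ISO 9660 stores "CD001" one byte into sector 16


def triage(raw: bytes) -> list[str]:
    """Return the reasons this message deserves a closer look."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    # Assumption: the receiving server stamped its DMARC verdict in this header.
    auth = " ".join(str(h) for h in msg.get_all("Authentication-Results", []))
    verdict = re.search(r"\bdmarc=(\w+)", auth)
    if verdict is None:
        findings.append("no DMARC result recorded")
    elif verdict.group(1).lower() != "pass":
        findings.append(f"DMARC result: {verdict.group(1).lower()}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if os.path.splitext(name)[1] in DISK_IMAGE_EXTS:
            findings.append(f"disk-image attachment by name: {name}")
        elif data[ISO_MAGIC_AT:ISO_MAGIC_AT + 5] == b"CD001":
            # Renamed image: the content is still an ISO 9660 volume.
            findings.append(f"ISO 9660 content behind name: {name}")
    return findings


def build_sample(filename: str, dmarc: str) -> bytes:
    """Constructed message: zero bytes with only the ISO signature set."""
    body = bytearray(ISO_MAGIC_AT + 5)
    body[ISO_MAGIC_AT:] = b"CD001"
    msg = EmailMessage()
    msg["From"] = "applicant@sender.example"
    msg["Subject"] = "Job application"
    msg["Authentication-Results"] = f"mx.company.example; dmarc={dmarc}"
    msg.set_content("Please find attached my CV.")
    msg.add_attachment(bytes(body), maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    print(triage(build_sample("CV.iso", "fail")))
```

The second check reads the file content rather than the name, so an image renamed to look like a document is still reported.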
Check out the malicious email
I am writting to express my strong interest in working for your company.
Please find attached my CV.
I will be highly thankful if you grant me the opportunity to appear for an interview.