https://www.crowdstrike.com/en-us/blog/recruitment-phishing-scam-imitates-crowdstrike-hiring-process
Cybercriminals are targeting developers with a new phishing campaign that impersonates CrowdStrike, a cybersecurity company. The campaign tricks victims into downloading a malicious application that installs a cryptominer on their devices.
Here’s how the scam works:
- Phishing Email: The attacker sends a phishing email that appears to be from a CrowdStrike recruiter. The email congratulates the recipient on being shortlisted for a junior developer position and asks them to schedule an interview.
- Malicious Link: The email contains a link that takes the victim to a fake website hosted on a domain designed to look like a legitimate CrowdStrike domain.
- Fake CRM Application: The website prompts the victim to download a “customer relationship management (CRM)” application to schedule the interview. However, this application is actually malware.
- Cryptominer Download: Once downloaded and installed, the malware downloads and installs a cryptominer on the victim’s device. Cryptominers use the victim’s device to mine cryptocurrency for the attacker.
This is a sophisticated phishing campaign that leverages the credibility of a well-known company. Here are some tips to avoid falling victim to this scam:
- Be wary of unsolicited emails: Don’t click on links or download attachments from emails from unknown senders.
- Verify the sender’s email address: If you receive an email from a recruiter, carefully check the email address to make sure it’s legitimate.
- Don’t download software from untrusted sources: Only download software from the official website of the company.
- Be suspicious of urgent requests: If an email asks you to take immediate action, it’s probably a scam.
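The two checks that matter most in the list above, verifying the sender's address and refusing installers that do not come from the company's real domain, can be automated at the mail gateway or in a triage script. The following is an added example written for this summary; it is not code from CrowdStrike or from the original post. It assumes, for illustration only, that `crowdstrike.com` is the sole legitimate domain for the brand, and the sample messages and lookalike domains (on the reserved `.example` TLD) are constructed, not real campaign artifacts. It flags messages that invoke the brand in the display name or subject while sending from or linking to a domain that is not the legitimate one, catches typosquatted domains with an edit-distance check on the second-level label, and flags links to installer files outside the legitimate domain.

```python
import re
from urllib.parse import urlparse

# ASSUMPTION (example only): crowdstrike.com is the only legitimate domain.
# A real deployment would load a verified allowlist of sender/download domains.
LEGIT_DOMAINS = {"crowdstrike.com"}
BRAND_KEYWORDS = ("crowdstrike",)
INSTALLER_SUFFIXES = (".exe", ".msi", ".dmg", ".pkg", ".zip")

FROM_RE = re.compile(r'^\s*(?:"?(?P<name>[^"<]*?)"?\s*)?<?(?P<addr>[^<>\s]+@[^<>\s]+)>?\s*$')
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def levenshtein(a: str, b: str) -> int:
    """Edit distance; used to catch typosquatted second-level labels."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Naive eTLD+1 (last two labels); adequate for the .com/.example hosts used here."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def domain_verdict(host: str) -> str:
    """Classify a host as 'legitimate', 'lookalike' or 'unrelated'."""
    host = host.lower()
    reg = registrable_domain(host)
    if reg in LEGIT_DOMAINS:
        return "legitimate"
    sld = reg.split(".")[0]
    for legit in LEGIT_DOMAINS:
        if levenshtein(sld, legit.split(".")[0]) <= 2:   # e.g. one swapped character
            return "lookalike"
    if any(k in host for k in BRAND_KEYWORDS):             # brand name embedded in host
        return "lookalike"
    return "unrelated"


def parse_from(header: str):
    """Split a From: header into (display name, address)."""
    m = FROM_RE.match(header)
    if not m:
        return "", ""
    return (m.group("name") or "").strip(), m.group("addr").strip()


def assess_email(msg: dict) -> list:
    """Return human-readable findings for one message; empty list means nothing flagged."""
    findings = []
    name, addr = parse_from(msg.get("from", ""))
    claims_brand = any(k in f"{name} {msg.get('subject', '')}".lower() for k in BRAND_KEYWORDS)
    sender_domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    sender_verdict = domain_verdict(sender_domain) if sender_domain else "unrelated"
    if sender_verdict == "lookalike" or (claims_brand and sender_verdict != "legitimate"):
        findings.append(f"sender invokes brand but address domain '{sender_domain}' is {sender_verdict}")
    for url in URL_RE.findall(msg.get("body", "")):
        host = urlparse(url).hostname or ""
        verdict = domain_verdict(host)
        if verdict == "lookalike":
            findings.append(f"link host '{host}' is a lookalike domain")
        if url.lower().rstrip("/").endswith(INSTALLER_SUFFIXES) and verdict != "legitimate":
            findings.append(f"link to installer outside legitimate domains: {url}")
    return findings


# Constructed sample messages (not real campaign artifacts).
SAMPLE_EMAILS = [
    {
        "from": '"CrowdStrike Recruiting" <talent@crowdstrike-hiring.example>',
        "subject": "Congratulations - shortlisted for Junior Developer interview",
        "body": "Please download our CRM app to schedule: https://cr0wdstrike.example/crm/setup.exe",
    },
    {
        "from": "recruiting@crowdstrike.com",
        "subject": "Interview scheduling",
        "body": "Schedule via https://www.crowdstrike.com/careers",
    },
]


def triage(emails=SAMPLE_EMAILS) -> list:
    """Assess every message and return one findings list per message."""
    return [assess_email(e) for e in emails]


if __name__ == "__main__":
    for email, findings in zip(SAMPLE_EMAILS, triage()):
        print(email["from"], "->", findings or ["no findings"])
```

The first sample trips all three checks (brand name in the display name with a non-legitimate sender domain, a typosquatted link host, and an `.exe` download off-domain); the second, from the real domain with an on-domain link, produces no findings. The `registrable_domain` helper is deliberately naive and would need a public-suffix list before handling multi-label TLDs such as `.co.uk`.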