Cybercriminals are taking advantage of the evolving jobs market and employee health situation under COVID-19 to disguise malware in various emailed documents. Check Point, a cyber-security company, reports an increase in the number of fraud attempts involving the use of curriculum vitae (CV) or medical leave forms.
The security vendor said that the ratio of CV-related malware to all detected malicious files doubled over the past two months. One campaign featured banking Trojan Zloader hidden in malicious .xls files in emails with subject lines such as "applying for a job" or "regarding job."
Separately, cyber-criminals have been taking advantage of interest in the U.S. Family and Medical Leave Act (FMLA) to lure administrative staff into opening attachments. Attachments with names like "COVID -19 FLMA CENTER.doc" have been sent via emails containing subjects that say: "the following is a new Employee Request Form for leave within the FMLA," according to Check Point.
Though the number of COVID-19 attacks fell by seven percent in May, as businesses begin to open again, the number of malware attacks predictably increased. Check Point explained that when the pandemic was at its peak in March, there was a 30 percent decrease in malware attacks compared to January 2020. This was because many countries went into quarantine and most businesses and other organizations were closed as a result, greatly reducing the potential number of targets for attackers. However, since opening began, there was a 16 percent increase in cyber-attacks in May, compared to the period between March and April. Phil Muncaster "Phishers Hide #COVID19 Malware in CVs and Medical Leave Forms" www.infosecurity-magazine.com (Jun. 08, 2020).