Job-themed cyber threats on the rise

News Desk -

Share

Proofpoint, Inc., a cybersecurity and compliance company, has identified a threat known as employment fraud that is heavily impacting higher education organizations.  Proofpoint researchers routinely identify and block employment fraud threats that attempt to entice victims with a simple, work-from-home job.

COVID-19 has exacerbated this threat as many employers have shifted to remote work, and working from home is becoming more expected and desirable. Since the implementation of widespread remote working, 76 percent of CISOs in the UAE have seen an increase in targeted attacks. In fact, some identified threats will include COVID-19 in their job description or as a reason for being remote.

Nearly 95% of the job-related threats recently identified by Proofpoint are aimed at educational institutions, primarily colleges and universities. Worryingly, according to Proofpoint’s 2021 Voice of the CISO report, half of UAE CISOs in the education sector believe that human error is their organization’s biggest cyber vulnerability, and because these threats target people, the attack surface is widened.

“These threats can cause people to lose their life savings or be tricked into participating in a criminal operation unknowingly. They are very concerning for universities especially, and Proofpoint detects and blocks thousands of employment fraud threats weekly that could harm their students and faculty.” said Sherrod DeGrippo, Vice President of Threat Research and Detection at Proofpoint.

This threat comes in many forms, including job opportunities as caregivers, mystery shoppers, administrative assistants, models, or rebate processors. Because of the job theme and the attacker’s ultimate end result or goal, employment fraud differs from other threats such as Advanced Fee Fraud (AFF). A recipient may be “hired” for a job, role, or function that aids the attacker. With AFF the attacker is hoping to get a small amount money upfront by promising big money later. 

Universities may be targeted by threat actors for a variety of reasons. Students are more likely to be open to flexible, remote work opportunities; international students may not recognize tell-tale signs of fraudulent emails as well as native English speakers; and rising inflation and educational costs are putting a strain on students’ finances, making the promise of quick cash more appealing.

Key components of fraudulent job offers may include:

  • An unexpected job offer received from a free mail account such as Gmail or Hotmail, spoofing a legitimate organization
  • Nonexistent or overly simplistic interview questions with little to no information about the job duties
  • Receiving a “paycheck” almost immediately after beginning a discussion with a sender
  • A sender encouraging a recipient to switch to a personal email or chat account to discuss the job opportunity
  • Language such as requesting a “quick task” be completed, especially if it involves sending money via mobile applications or Bitcoin addresses