Researchers with security firm Proofpoint have identified a sneaky social engineering-style operation in which attackers are submitting weaponized Microsoft Word documents – in lieu of actual résumés – to job postings listed on the CareerBuilder website.
On CareerBuilder, employers that post job openings will receive an email notification when an applicant submits a résumé, and the résumé is included as an attachment in the notification, according to a Wednesday post.
View full story