About Us | Contact Us
View Cart

Response E-mail to Online Job Postings May Contain Malware

By Vigilize | Thursday, January 20, 2011 - Leave a Comment

It has come to our attention that recent FBI analysis has revealed that cyber criminals engaging in ACH/wire transfer fraud have targeted businesses by responding via e-mail to employment opportunities posted online.

Recently, more than $150,000 was stolen from a US business via unauthorized wire transfer as a result of an e-mail the business received that contained malware. The malware was embedded in an e-mail response to a job posting the business placed on an employment website and allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company. The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts. The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud US businesses.

The FBI recommends that potential employers remain vigilant in opening the e-mails of perspective employees. Running a virus scan prior to opening any e-mail attachments may provide an added layer of security against this type of attack. The FBI also recommends that businesses use separate computer systems to conduct financial transactions.

Anyone who believes they have been a target this type of attack should immediately contact their financial institutions and local FBI office, and promptly report it to the IC3‘s website at www.IC3.gov. The IC3‘s complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration. The IC3 also uses complaint information to identify emerging trends and patterns.


The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA). IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime.


Latest News
    Ransomware payments sent to countries under sanctions could result in fines… An article review. Whether or not to pay the organization behind a ransomware attack has been a hotly debated subject for many years, but a new advisory issued by the Treasury Department’s Office of Foreign Assets Control (OFAC) warns those who do pay up […]
    Welcome Webinar Attendees! You can download the deliverables by clicking on the link below. Boilerplates/Handouts Click here to download files.        
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office. Data by Rob Sobers, writing […]
    Thanks for being interested in our Technology Planning Webinars! This year‘s annual webinar on the subject will include a review of the previous years’ movies that are already available, and a discussion about alternative tactics that have arisen from recent virtual conferences and regulator panels. It’s not too late to register for the 2020 Technology […]
    Check out the Sponsor Video! We will be updating the video on YouTube in the coming days, but will include the credits so everyone is recognized for all their hard work. Like our Facebook, Twitter, and Subscribe on YouTube for further updates! Credits Producer: Bryan Bonnell “K0s$” Director: Sara Fultz Editor: Sofia Tafoya Wardrobe: Our […]