October 06, 2010Google Resume Malware Lure
I left my last job in 1981, so I knew instantly that this email message was not 4realz. But lots of folks are looking for work, and when a message claiming to come from Google Staffing arrives, you probably pay attention.
And that's bad.
Here's the message, with a From: field showing firstname.lastname@example.org:
Subject: Thank you from Google!
We just received your resume and would like to thank you for your interest in working at Google. This email confirms that your application has been submitted for an open position.
Our staffing team will carefully assess your qualifications for the role(s) you selected and others that may be a fit. Should there be a suitable match, we will be sure to get in touch with you.
Click on the attached file to review your submitted application.
Have fun and thanks again for applying to Google!
The attachment (mine was named CV-20100120-112.zip, as in Curriculum Vitae) has decent antivirus coverage (68%, including all brand-name AV tools), so that should help slow the success of this particular Trojan. The sender went one extra mile to try to trick techie recipients who might look into the message's header. He forged the sending domain to read "google.com", but the IP address belongs to someone else entirely. Any techie who fell for that wouldn't make it through the first interview if they should ever really apply for a Google job.
Employment continues to be a HUGE avenue for spammers, scammers, and crackers. Any time you receive an unexpected email regarding a new job, you should deploy all defensive shields immediately.