The FBI is reporting losses of more than $150,000 for companies who posted job openings asking interested individuals to email them their resume for consideration. Fraudsters would send either a malicious email or malicious/fake resume to the address which would install a credential stealing Trojan Horse virus on the recipient’s computer.
Avoiding this scam can be tricky do to the unknown nature of the responders to the application requests. Companies seeking job applicants should scan all incoming email with antivirus software. When possible, companies should use a separate computer for all of their financial transactions so that a compromise through email does not affect their accounts. It is also suggested that users not open any attachments and instead reply to the sender requesting a plain text version of their application or resume.