Do not open attached application documents!

As our cooperation partner Watchlist Internet reports, companies are currently receiving electronic application letters from supposedly job seekers.

For the detailed and attached “application documents of the candidates” you should open a file attachment in ZIP format. It contains executable Microsoft Windows applications that are malware.

Employees are not allowed to open these applications because they install the malware.

In the alleged application letters with the subject “Application for the advertised position – first name last name” the senders write:

Ladies and Gentlemen

Enclosed you will find my application for your advertised position. Please see my detailed and attached application documents to find out why I can fill the position optimally and offer your company numerous advantages through my experience in sales and customer service.

I look forward to a personal interview.

With best regards,
first name last name

The supposed job seekers send a portrait photo with their application and add the file attachment “First name Last name – Application date.zip” to it:

Source: Watchlist Internet
Source: Watchlist Internet

What happens when you open the fake application documents?

Employees who open the alleged application documents will find Microsoft Windows applications with the EXE file extension. They have names such as “First Name Last Name – CV – Date.exe”.

The EXE file extension already shows employees that the alleged documents are executable programs. You make changes to the operating system. Employees who open the applications install malware. This can, for example, infect the company network with a Trojan that allows criminals to access it and steal passwords, bank details or other sensitive information.

Other dangers that malware can pose include encrypting important documents or using the company network for crimes.

Source: Watchlist Internet
Source: Watchlist Internet

How do you recognize the dangerous application letter?

Criminals send application letters that spread malware. Recipients can identify suspicious emails based on the following points, among others:

  • The supposed application letters are general and do not address a specific job advertisement. This is an indication that criminals are sending a standardized email that goes out to numerous companies.
  • Normally, job seekers do not submit images included in their letter - these can be found in the candidate's CV. Criminals, on the other hand, use the images to arouse curiosity in recipients and then they open the alleged application documents.
  • The application documents are stored in a ZIP file that hides EXE programs. This is a reason not to open the supposed documents, because EXE programs make changes to the operating system.

Have you been a victim of fraudulent application?

Once you have opened the application documents, contact your IT department. It can help you determine the damage and take necessary repair measures.

For example, it is recommended that you update your antivirus program and let it scan for and remove malware. If you can rule out that there is a threat on your network, change all of your account passwords. Otherwise, there is a risk that criminals will have access to your IT system and use it for crimes despite the malware being removed.

Report the matter to the police and discuss further action with them.

How do you protect your company from malware?

Train your employees so that they can recognize fraudulent emails containing malware. Set your workstations to ensure that your colleagues have a user account.

It cannot make any changes to the operating system without the consent of the administrator. This means that the user account prevents the unnoticed installation of malware in your company network. Constantly update your operating system and programs so that known security holes can be closed and not exploited for crimes.

Back up important files and documents on an external and encrypted storage medium. This means that criminals cannot destroy sensitive documents in one fell swoop or make them unusable for you. Use an antivirus program and a firewall.

The Internet Watchlist recommends:

If you need advice or help, please contact our experts at the Internet Ombudsman. The consultation is free. The inquiry form is the fastest way to ask your questions.


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )