It can be tough being a student. Between the cost of tuition, room and board, and just daily life, it gets expensive very quickly. 

Working a job can help offset those costs and is a popular thing for students to do.

Hackers know this, and they try to scam college students by offering them fake jobs.

In this attack brief, researchers at Avanan, a Check Point Software Company, will discuss how hackers are dangling money-making opportunities at students in exchange for harvested credentials. 

Attack

In this attack, hackers are sending fake job offers to students, with the real prize being a credential harvesting scam.

  • Vector: Email
  • Type: Credential Harvesting
  • Techniques: Social Engineering, Impersonation
  • Target: Any end-user

 

Email Example #1

This email offers a remote, part-time, $450 job opportunity. The email comes from a legitimate email address; however, the link is malicious, which means that this chain started as an account takeover. (The job offer also has nothing to do with the company that sent it out.) When a student clicks on the link, they are redirected to a page that steals their credentials instead. No job here. This is a good example of social engineering: the hackers are dangling a lure for the end-user to pick up. It may not work in every scenario, but all it takes is one click to be successful.

Techniques

Hackers are really good at targeting people at vulnerable moments. Here, they are targeting students who are in need of a job and cash. An offer of a good-paying job with a fairly low time commitment could seem too good to be true. (It is.)

But for a student hungry for cash, the too-good-to-be-true nature might not matter. They see a job offer and will want to click on the link. 

Clicking on the link, however, will not lead to the job they expect. It will just steal their credentials.

Best Practices: Guidance and Recommendations

To guard against these attacks, security professionals can do the following:

  • Always hover over all URLs before clicking
  • For students, check with your institution before accepting or applying to any jobs aimed at students
  • If unsure, check with IT