HR Departments New Ransomware Target

By:  |  Category: Security Tuesday, June 13th, 2017  |  No Comments

HR Departments New Ransomware Target

In the newest blitz of targeted social engineering ransomware attacks–your HR department is now under siege and HR departments have become the newest Ransomware target. Cybercriminals pretending to pursue fake job postings are using applications to gain entry into your system.  They use what’s called “GoldenEye Ransomware” and are savvy enough to include a cover letter in their schemes knowing that HR employees are more likely to open links and emails from people they are unfamiliar with.

The Scam

The first email in the scheme is a short message from the job applicant along with two attachments. One is a standard PDF cover letter that is harmless and appears authentic. The second attachment is a malicious Excel file posing as a job application. In the file is embedded the Golden Eye virus.

When the HR employee opens the Excel attachment, they are presented with a document which claims to be ‘Loading’ and requires them to enable Macros to view the file. When the Macros are enabled, GoldenEye executes a code and begins encrypting the users’ files before presenting them with a ransom note using yellow text–unlike the red or green used by other Petya variants.

James Bond Wanna Be’s

It’s theorized by researchers that the developer behind Petya ransomware is going by the alias Janus–copying the name of the cybercriminal group in the 1995 James Bond film GoldenEye.

In order to avoid this costly hijacking, warn your HR employees to take extra precaution and to only open files from known sources.

If you are interested in determining your network’s vulnerability–give EnhancedTECH a call for a free ransomware consultation at 714-970-9330.


Image Source:

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller
Leave a Comment
Read previous post:
Wanna Cry
WannaCry? Hackers Infecting Hundreds of Thousands Worldwide

You may have seen the news this weekend. Criminal hackers have released a new strain of ransomware now aptly titled...