Freelance Job Sites Distributing Malware

Employment offers masquerading as responses to postings on freelance job sites such as Fiverr and Freelancer are attempting to deliver malware to unsuspecting victims. The body of these messages references a job offer and directs recipients to open an attached document for additional details. If recipients open the attachment, malware, such as a keylogger or remote access trojan (RAT), will download and install onto their system. The NJCCIC recommends users scan all incoming file attachments using a reputable anti-virus/anti-malware solution prior to opening them. Additionally, if end users have received and taken action on these messages, isolate the affected system(s) from the network and perform a full system scan using a reputable anti-virus/anti-malware solution, proactively monitor and change passwords to any financial, personal, or business accounts accessed on infected system(s), and enable multi-factor authentication where available.

AlertNJCCICKeylogger, Malware