Security

Latest Phishing Campaign Steals Jobs Portal User Credentials

Written by Lore Apostol
Published on June 29, 2021

An ongoing phishing campaign targeting users of the employment website called Indeed was discovered by the Bitdefender Antispam Lab. The researchers' report says that 48% of the fraudulent emails have reached users in the US, 28% in Ireland, 5% in Finland, 3% in France and India, and 2% in Germany.

The cybercriminals send spoofed emails with a forged email header that reads "[email protected]," so it seems to be legit communication coming from the job-listing portal. They ask the recipients to confirm their Indeed user email address by downloading the attachment and logging into their account after that.

Source: bitdefender.com

The attachment, which is named “Indeed_Update.html,” opens a fake web page with a login form that has their email address already filled in, so the victim only needs to type in their password.

Source: bitdefender.com

As expected, Indeed users who find this email in their inbox need to keep away from it, so do not open it - and definitely do not enter your password. The researchers advise recipients to delete the email and access the official Indeed website from a browser - or, if it's already too late for that, to just reset their password as soon as possible on the employment website and anywhere else they are using the same credentials.

However, this job portal happens to send a verification email to users during the sign-up process, but it only asks new users to confirm their email address by clicking on a link. So, that should be the only time when this email is legit, but it's always wise to check for fraud signs before engaging with any received email.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: