In today's digital environment, it is increasingly common for cybercriminals to use job searching as an attack vector to compromise the security of professionals and organisations. Fake job offers have become a sophisticated method to deceive unsuspecting candidates and execute malicious code on their devices, putting valuable information and corporate environments at risk.
How this scam works step by step
The process is surprisingly convincing, designed to build trust progressively over weeks:
- You apply for a job offer at a reputable company.
- You are invited to the first interview, you look up the interviewer on LinkedIn, they seem interesting, you talk about your experience, studies and availability.
- You pass the first interview. You attend the second with the Head of HR, who talks to you about the company's values.
- You pass the second interview. The third arrives: a senior executive shows you documents about the current project, the completed phases, the next steps.
- You are excited about this move to a new role where you can grow and earn more.
Until... the 4th interview arrives. A technical interview.
The attack vector: the technical test with malware
The candidate receives a supposed technical test or a file with instructions: "You need to fix the 3 bugs in this code."
The candidate passes the test. The code is fixed and works perfectly. "We will contact you next week for the 5th and final interview."
A few days later, €120,000 in crypto assets disappear.
It takes days to recall that technical test. Their suspicions were right: the code contained malware. When executed, it installed malicious software including remote access trojans, backdoors and spyware.
This technique does not only affect individual victims. It is being actively used to hack companies: a target is selected within the organisation, a good job offer is made as if from a competitor, and the employee executes malicious code on their corporate device.
The real impact on companies
This attack does not just compromise the candidate's device. It opens a door to:
- Attacking the entire corporate network
- Accessing sensitive data belonging to clients and suppliers
- Stealing financial credentials and strategic information
- Escalating privileges within the production environment
These attacks use advanced social engineering techniques: they build trust, exploit time pressure and camouflage the infection inside routine hiring practices, making them difficult to detect even for experienced professionals.
How to protect your company and your team
At Delbion, we help organisations strengthen their defences against these emerging threats:
- Cybersecurity consulting to identify and mitigate risks in recruitment processes and digital communications.
- Practical training for teams in fraud detection and social engineering attacks.
- Security audits and management that include specific controls to protect corporate networks and devices against sophisticated malware.
Do not let a job search become the entry point for a cyberattack.
Protect your organisation
Is your team prepared to detect social engineering?
Request a cybersecurity consultation. We analyse the attack vectors affecting your organisation, train your team and design controls to prevent social engineering incidents.
Talk to an expert →Your team needs secure AI training
The EU AI Act requires AI literacy for all staff from August 2026. Our courses cover compliance, AI agents and governance. FUNDAE can subsidise 100% of the cost.
