Skip to main content

Fake job listings allow piggy-backing of latest malware

The importance of keeping your company's IT security bang up to date was confirmed this week after news that several major firms had been hit by malware piggy-backing its way on to the company servers via fake job listings on Internet ads and emails.

According to the Reuters newswire, the US Department of Transportation, Hewlett-Packard, Hughes Network Systems and Unisys were amongst several US companies hit by the piggy-backing malware.

Geoff Sweeney, CTO of behavioural analysis IT security firm Tier-3, said that the fake job ads and emails acted as a conduit for the latest forms of malware, which can hit a company's IT systems hard if their IT security software is not wide-ranging and kept fully up to date.

"IT managers need to review their IT security needs regularly and ensure that the software is updated constantly, by monitoring the dashboard or console of the packages concerned," he said.

"Ideally, a single dashboard, which controls multiple IT security applications - even from different vendors - should be installed. This tells the IT manager at a glance the status of their security software." he added.

According to Sweeney, companies should also consider installing behavioural analysis IT security software to act as a `safety net' if some of the latest malware does make it onto the company's systems.

"Even if the malware does take hold after the employee reads or clicks on what appears to be an interesting job offer, good behavioural software will lock down any unusual memory activity associated with the malware, before it does any harm," he said.