Malware attack: ‘New resume: Please review my CV, Thank you!’

In the current economic climate many people may find themselves in the unfortunate position of having to look for a new job, and human resources departments around the world are probably becoming more used to finding ad-hoc applications arriving out of the blue in their email inboxes.

Well, if you receive an email claiming to be a resume (or CV as we usually call them here in the UK) you should exercise some caution, as there’s a malware attack currently being spammed out around the world – designed to infect your computer.

New resume malware attack

The emails, which are short and to the point, have the following characteristics:

Sign up to our free newsletter.
Security news, advice, and tips.

Subject: New resume
Attached file: Resume_document_459.zip
Message body: Please review my CV, Thank you!

Hmm.. hardly the most convincing job application I’ve ever seen – they haven’t even given any clues as to which role they might be applying for. However, you or some of your users might still be tempted to open the attached CV to see if it sheds any more clues as the point of the communication.

And if you do make the mistake of open the attached Resume_document_459.zip file, you risk infecting your Windows computer with malware.

Sophos is intercepting the threat proactively as Troj/Invo-Zip and Mal/EncPk-NS. Users of other security products would be wise to check that they are up-to-date, just in case.

Don’t make life easy for the cybercriminals. Always remember to be suspicious whenever you receive an unsolicited email out of the blue. After all, you could be making your very own career-limiting move if you help a hacker’s malware break into your company.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.