‘Please look my CV’ (if you want to get infected by malware)

The “New resume” malware attack I blogged about earlier this week has put on a new raincoat and a fake beard, adopting a slightly different disguise.

The latest major spam attack wrought by hackers still pretends to be in the form of an unsolicited CV or resume, but uses slightly different wording from its previous incarnation.

A typical email reads as follows:

Subject: Please look my CV. Thank you.
Attached file: My_Resume_6213.zip or My_Resume_317.zip
Message body:

I have figured out that you have an available job.
I am quiet intrested in it. So I send you my resume,

Looking forward to your reply.

Thank you.

Presumably you wouldn’t employ this person because of their good spelling or grammar.


Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.