The FBI warned that threat actors have been launching phishing campaigns using fraudulent job postings on recruitment websites in an effort to exfiltrate personal data and cash, reports BleepingComputer.
"These scammers lend credibility to their scheme by using legitimate information to imitate businesses, threatening reputational harm for the business and financial loss for the job seeker," said the FBI in a public service announcement posted on its Internet Crime Complaint Center.
Since 2019, victims of such scams have reported average losses of $3,000 aside from credit score damage, according to the FBI, which has already warned in January 2020 about cybercriminals impersonating legitimate websites to exfiltrate applicants' cash and information.
"Fraudulent job listings include links and contact information that direct applicants to spoofed websites, email addresses, and phone numbers controlled by the scammers where the applicant's personal information can be stolen and then sold or used in additional scams," said the FBI.
Thousands of organizations across the U.S. have been targeted by a new phishing campaign deploying the Bumblebee malware, which was last observed in the wild in September, according to BleepingComputer.