Fake job interview emails that install hidden cryptocurrency mining malware

The job market has not been great in the past few years, especially in technology, leaving many people actively looking for work.

Fraudsters are taking advantage of this. They have come up with a new method of pretending to be mercenaries to expand. crypto miners on human devices.

It starts with an email inviting the person to schedule a job interview. But when you click the link, it installs a malicious app that secretly extracts cryptocurrency. This app steals your PC’s resources like CPU and GPU, which slows down its performance significantly.

I give away the latest and greatest AirPods Pro 2.

What you need to know

This malicious campaign begins with an email that tricks victims into thinking it’s part of a recruitment process. Dark reading. In most cases, these emails are pretending to be from recruiters at the Cyber ​​Security company CrowdStrike.

The scam email contains a link that says it will take the recipient to a site where they can schedule an interview. But, in reality, it redirects the victim to a malicious website, for a supposed download of a “CRM app”.

What is Artificial Intelligence (AI)?

The site offers download options for both Windows and macOS. Whichever option the victim chooses, the download will be a Windows executable written by Rust. This executable will download the XMRig cryptominer.

The executable performs several local checks to analyze the device and make it unavailable. It scans running processes, checks CPU and more. If the tool passes these checks, the executable will display a false error message as it secretly downloads additional packages needed to run XMRig mining.

Here are the Ruthless hackers who stole from 110 million AT&T customers

How does Cryptominer affect your computer?

A cryptotoming application can seriously affect your PC’s performance. Once installed, it steals your computer’s resources, CPU and GPU to secretly mine cryptographic data. This process requires a lot of computing power, which can slow down your system significantly. You may notice that your computer is becoming unresponsive, running hotter than usual, or consuming more power.

In some cases, prolonged use of cryptocurrencies can also cause hardware damage due to the stress on your components. Additionally, these miners often run in the background without your knowledge, making it difficult to detect the issue until the damage is done.

CrowdStrike is aware of scams and advises individuals to be vigilant. “This campaign highlights the importance of caution when dealing with phishing scams, particularly targeting job seekers. Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unwanted files.”“ of The company said in a blog post.

“Organizations can reduce the risk of such attacks by educating employees on phishing techniques, monitoring suspicious network traffic, and using endpoint protection solutions to detect and block malicious activity.”

Get FOX BUSINESS on the go by clicking here

Beware of encrypted PDFs as a last resort to deliver malware to you

5 ways to protect yourself from job interview fraud

1. Make sure you applied for the job: If you receive an unsolicited interview invitation, consider whether you have actually applied for that job or company. Scammers target job seekers at random, hoping someone will take the bait. If you don’t apply, it might be a scam. Always check directly with the company before proceeding.

2. Verify Employment Credentials: Always double-check the employer’s details before responding to an email or clicking on any links. Check their email address, LinkedIn profile and company association. Legitimate companies use official email domains, not free services like Gmail or Yahoo.

3. Avoid downloading unsolicited files: Beware of emails asking you to download any files or applications. Legitimate recruitment processes do not require you to install software. If you are unsure, contact the company directly to confirm the claim.

4. Check links before clicking: Hover over any links in the email to see the actual URL. Scams often look like legitimate sites but have subtle differences. If the link looks suspicious, avoid clicking on it.

5. Use strong antivirus software: Use strong antivirus or endpoint protection software to detect and block malicious downloads. Regularly update your security tools to ensure you can effectively handle new threats.

The best way to protect yourself from malicious links that install malware is to install antivirus software on all your devices that can access your personal information. This protection can also alert you to phishing emails and ransomware scams, protecting your personal information and digital assets. Find my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android, and iOS devices.

What to do if your bank account is hacked

Taking Kurt’s key

Cybercriminals always manage to come up with new ways to exploit people. This particular scam focuses on using your computer’s resources rather than stealing data, but it’s still very dangerous. This shows that if a hacker can easily install software on your PC, they can go ahead and steal your financial information and other personal information. Always check the emails you receive and try to download anything you don’t trust.

Have you ever received a suspicious email that looks like a job offer? Let us know by writing to Cyberguy.com/Contact

Click here to access the FOX NEWS app

For more tech tips and security alerts, sign up for my free Cyber ​​Guy Report newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know stories you’d like us to cover..

Follow Kurt on his social channels:

Answers to Cyber ​​Guy’s most frequently asked questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.