Tag: certainty

Love Gained, Job loss

Do you have a job that you love? A job that you can’t go one day thinking about. A job so perfect that you can’t see how you would live the rest of your life without it. If you’re like most people, then your answer is moreover going to be a deafening “no”.

Not surprisingly, most people grew up and found the old saying, “Do what you love, and you’ll never work a day in your life,” to be a load of …cow dung. At least the grass looks nice.

Given not being satisfied with your current job or not having one depending on the situation you’re in, you are more likely to have been advised to seek work from job posting boards/sites like LinkedIn, indeed, and Monster. Seeing the amount of job postings on these job sites could have you scratching your head and checking your skillset.

This isn’t bad, you are trying to find your “dream job” after all, and you may land on one to apply. However, can we tell you that not every job posting is a real one? Don’t know what we mean?

Today, we’ll look into this trend of fake jobs—a little about why this method would be used, and how you can protect yourself from falling victim.

Like what you’re reading so far? Why not consider subscribing for more?

So, you’re on Indeed, and you’re looking around for a job that matches your skillset. You know the skills you went to college for, spent four to eight years of your time, only to meet the request of you having five years of experience for an entry-level job.

Math isn’t mathing, yea, we know, a quick shoutout to Human Resources. They found a way to job-block. Okay, moving along, you found your dream job, you want to be a developer and there’s an opening.

Great, you apply, get a date for an online interview. The day finally comes, the interviewer asks you to install something onto your computer so the interview can take place. To your surprise, however, you just fell victim to a new campaign called “Dev Popper”.

Yes, you have been hoodwinked. Threat actors are using job postings to trick people, mainly software developers, into installing a RAT (Remote Access Trojan). A trojan on its own is bad enough, but the remote access allows the threat actor to navigate around your machine.

How is this a problem? Well, think of it this way, you opened the door of your home to a robber along with giving them the key. They can do what they want.

A quick fun fact, while this activity is illegal, there have been some questions if the use of RATs is legal. They are to a degree depending on the purpose. If someone from the IT help desk was trying to solve a problem on your computer, they would ask you to download something to give them access, and you would watch them as they were fixing the problem.

This use case is perfectly legal, now if they were to find a folder saying, “Bank Account” and copy information from there, then that steers to being illegal because this is being done with malicious intent.

Also, another issue with RATs is, that once they’re on your machine, a backdoor can be created for the threat actor to retrieve any data they didn’t take the first go around. So, word to the wise, pay attention to your downloads and keep your backdoor closed.

So, you may be wondering, “How would I be able to tell I have a RAT?” Some tell-tales are seeing unfamiliar programs, processing running, or if you find items have been deleted without your intervention. RATs tend to be installed with other programs or “PUPs” (Possible Unwanted Programs) and can eat up your CPU usage.

Other ways to tell something that may be on your machine are; that it’s taking longer than usual for a program to run, and the obvious one; your mouse is moving without your intervention. Unless your residence is possessed, the other logical answer is that you have a ghost in your machine. That ghost is a threat actor.

Enjoyed this reading and want to read more? Why not consider liking, sharing, and subscribing?