Cybercriminals are leveraging employee anxiety surrounding performance reviews to deploy malicious software. A recent report from AhnLab Security Intelligence Center (ASEC) details a sophisticated email scam that uses fake employee reports to trick individuals into installing dangerous programs on their computers, with further coverage provided by HackRead.The phishing campaign begins with emails impersonating management or HR, referencing October 2025 performance reviews and falsely suggesting potential layoffs. These messages create urgency by instructing recipients to check an attached file for their status. The attachment, often a zipped folder containing a file disguised as a PDF (e.g., "staff record pdf.exe"), is actually an executable that, when opened, deploys the Guloader malware. This malware hides in temporary memory and uses Google Drive links to download additional tools, bypassing basic security filters. The ultimate goal is to install Remcos RAT, allowing attackers to gain control of webcams and microphones, log keystrokes, and steal credentials.This attack highlights the evolving tactics of cybercriminals who exploit psychological triggers like job insecurity. It underscores the critical need for enhanced cybersecurity awareness training, emphasizing vigilance against unexpected emails with attachments, especially those creating a sense of urgency. Users should ensure file extensions are visible to identify malicious executables disguised as documents. Implementing multi-factor authentication and regularly updating security software are also crucial steps to mitigate the impact of such sophisticated threats.Source: HackRead
Malware, Security Operations, Phishing
Phishing scam exploits performance review anxiety to deploy malware

Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



