Recruitment Agencies Being Targeted By Ransomware

Cyber criminals have been targeting HR professionals with an email that appears to be from a candidate. They are sending a fake CV and an excel form that asks to ‘enable macros’. If this is enabled the file will generate an executable file and launch Ransomware.

If the user gets Ransomware then they will have to pay the cyber criminals a fine to get  the decryption password.

This form of ransomware is being called Goldeneye, and was initially released in Germany through phishing emails, however the threat has now spread globally.

How to recognise it…

The first file received in the email (fake CV) is designed to trick users into believing that it is a regular job application. The second file (an Excel file) will contain the job request, this is where the ransomware resides. Once opened excel will ask the recipient to enable the Visual Basic for Applications (VBA) macros to load content.

Once you enable the macro, the ransomware will invisibly load on to your pc, encrypting all of your files and leaving a message with a ransomware text file. Once your pc is infected it will reboot and from that moment you will not be able to access your files. Instead you will see a ransomware message:


How to protect your business against Ransomware

As with all strains of Ransomware there is nothing you can do to protect your business 100% against this kind of attack, there are however many steps you can take to reduce the risk and ensure that your data is retrievable.

Following the recent increase in Ransomware we are continually looking into ways we can help to protect your business against cyber-attacks.

Speak to your Technical Consultant or Account Manager today to ensure you are doing all you can to protect your business against this kind of attack.

Follow this link for GoldenEye ransomware removal instructions.

Download our 5 tip PDF explaining how you can stop ransomware! 


Discover all of our Cyber Security resources. 

If you are worried about the security of your data and would like to discuss your cyber security, contact us today!

Share this entry
Get In Touch
close slider

New Enquiry

Contact Us


Get In Touch

If you are an existing client to get support call us on:

0117 923 1133 (Bristol)
01628 552861 (High Wycombe)
0207 993 0010 (London)
01865 593011 (Oxford)
01733 306633 (Peterborough)
01793 688595 (Swindon)
0161 823 3613 (Manchester)
0121 461 2667 (Birmingham)

Login to the portal

Login Here