Security Threat

Posted

The beginning of a New Year is often a busy season for individuals seeking new employment. Often, the impact of resolutions has many people making a leap, and that can make it a great time to find candidates for open positions. Now, a new breed of cybercriminals are taking advantage of this hiring season, and it could pose a risk to your company’s security.

While cyber threats are nothing new, and you may have software and other defenses in place, certain techniques are just now getting the attention they need to raise red flags. So, before you begin interacting with your next set of candidates, consider these risks they may be presenting.

Social Media as an Open Door

Many companies review candidates social media accounts, especially sites like LinkedIn, to gain more insight into what these individuals have to offer. And, since they are open, many of your employees may be spending time on these sites too. It is the prevalent use of these sites that actually gives cyber criminals an open door to your organization.

The lack of filtering makes these sites a security risk. Profiles may feature various attachments, including resumes, that can harbor malicious code. Additionally, since many employees will log in to their accounts using personal email addresses, messages sent through these systems aren’t being scanned like corporate email.

Now, add in the fact that these cyber criminals can often easily masquerade as job seekers or recruiters, and you have a recipe for disaster.

Targeting Executives

Executives may actually face higher risks through portals like LinkedIn than through many other technologies. A threat can create a fake account designed to impersonate an individual already in the executive’s network. And, if the executive usually trusts that source, they may interact with something malicious before they even realize it.

A simple link sent through integrated messengers can wreak havoc on internal networks, compromising data, leading to breaches, or more.

If that executive is screening candidates for an open position, then these risks may be even higher.

Collaboration Software is a Vulnerability

As more companies cast wider nets for candidates, using collaboration software for screening and interviewing becomes more common. And, like social media sites, many of these systems offer little protection from malware.

For example, a candidate connected with a recruiter or hiring manager over Skype or Slack has the ability to send files for review. And, what they say is a resume or list of references can actually be hiding malware.

Often, when screening candidates, it is easy to ignore the vulnerability associated with the interactions. And since the risks aren’t obvious, and there aren’t the usual protections in place, it is much easier to become a target.

Protecting Internal Systems

Since many of these vulnerabilities can’t be mitigated through traditional security software or other mechanisms, it requires intervention on how employees communicate with candidates. For example, ensuring that all communications involving attachments are managed through corporate email increase the odds of malware being quarantined before it can be opened. Additionally, the use of third party recruiters, including the services offered by ITStaff, can eliminate the vulnerability by taking recruitment efforts off of the corporate network entirely.

If you are looking for a new employee and would like to take steps to protect your network, contact us and speak with a recruitment professional today. We can help you find the candidates you need while reducing the risks associated with candidate screening over your network.

Contact Us