The threat actor targets recruiters by sending them a direct email. The group pretends to be an individual interested in a job.
The website employs filtering mechanisms to assess whether the subsequent phase of the attack should be initiated. If the criteria for filtering are not met, the user is presented with a plain text resume. If the filtering checks are successfully passed, the user is redirected to the candidate website, where they are prompted to solve a CAPTCHA.
[
add
]
[
|
|
...
]