Fake job interview emails install hidden cryptocurrency mining malware

The job market hasn’t been great in the past few years, especially in the tech field, leaving a lot of people actively looking for jobs.

Scammers take advantage of this. They’ve come up with a new trick where they pretend to be recruiters to spread the word Crypto miners On people’s devices.

It starts with an email inviting a person to schedule an interview for a job. But when they click on the link, a malicious app is installed that secretly mines cryptocurrencies. This application hijacks your computer’s resources, such as CPU and GPU, significantly slowing down its performance.

Introducing the latest and greatest AIRPODS PRO 2

What you need to know

This malicious campaign begins with an email that tricks victims into believing it is part of a recruitment scam, the site reported Dark reading. In most cases, these emails pretend to be from recruiters at cybersecurity company CrowdStrike.

The fraudulent email contains a link that claims to take the recipient to a site where they can schedule an interview. However, in reality, it redirects the victim to a malicious website that offers a download of a supposed “CRM application.”

What is artificial intelligence (AI)?

The site provides download options for both Windows and Mac. Regardless of which option the victim selects, the download will be a Windows executable file written in Rust. This executable file then downloads the XMRig cryptominer.

The executable file performs several environmental scans to analyze the device and avoid detection. It scans running processes, checks CPU and more. If the device passes these tests, the executable will display a bogus error message while downloading the additional payloads needed to secretly run the XMRig miner.

Here’s what hackers stole from 110 million AT&T customers

How does cryptominer affect your computer?

A cryptocurrency mining application can greatly affect the performance of your computer. Once installed, it hijacks your computer’s resources, including CPU and GPU, to secretly mine cryptocurrencies. This process requires a lot of computational power, which can cause your system to slow down significantly. You may notice that your computer is unresponsive, running hotter than usual, or consuming more power.

In some cases, prolonged use of cryptocurrency mining tools can also lead to hardware damage due to increased stress on your components. Additionally, these miners often run in the background without your knowledge, making it difficult to detect the problem until the damage is already done.

CrowdStrike is aware of the scam Individuals are advised to remain vigilant. “This campaign highlights the importance of being vigilant against phishing scams, especially those targeting job seekers. Individuals involved in the hiring process should verify the authenticity of CrowdStrike connections and avoid downloading unwanted files,“ the The company said in a blog post.

“Organizations can reduce the risk of such attacks by educating employees about phishing tactics, monitoring suspicious network traffic, and using endpoint protection solutions to detect and block malicious activity.”

Get FOX Business on the go by clicking here

Beware of encrypted PDF files as the latest trick to deliver malware to you

5 Ways to Stay Safe from Job Interview Scams

1. Check if you have applied for the job: If you receive an unsolicited invitation to an interview, consider whether you have already applied for that job or company. Scammers often target random job seekers, hoping someone will take the bait. If you don’t apply, it’s probably a scam. Always check directly with the company before proceeding.

2. Verify the recruiter’s credentials: Always double-check a recruiter’s details before responding to an email or clicking on any links. Check their email address, LinkedIn profile, and company association. Legitimate companies will use official email domains, not free services like Gmail or Yahoo.

3. Avoid downloading unwanted files: Be wary of emails asking you to download any files or applications. Legitimate recruitment operations rarely require you to install software. If you are not sure, contact the company directly to confirm the order.

4. Check links before clicking on them: Hover over any links in the email to see their actual URL. Scammers often use URLs that mimic legitimate sites but have slight differences. If a link looks suspicious, avoid clicking on it.

5. Use powerful antivirus software: Use strong antivirus or endpoint protection software to detect and block malicious downloads. Update your security tools regularly to ensure they can effectively handle new threats.

The best way to protect yourself from malicious links that install malware, and potentially access your private information, is to install antivirus software on all of your devices. This protection can also alert you to phishing emails and ransomware, keeping your personal information and digital assets safe. Get my picks for the best antivirus protection winners of 2025 for Windows, Mac, Android, and iOS.

What to do if your bank account is hacked

Key takeaway for Kurt

Cybercriminals are always able to come up with new ways to exploit people. While this scam is more focused on using your computer’s resources rather than stealing data, it is still very dangerous. He explains that if a hacker can easily install software on your computer, they can also go ahead and steal your financial information and other personal data. Always check the emails you receive, and try not to download anything you don’t trust.

Have you ever received a suspicious email that looked like a job offer? Let us know by writing to us at Cyberguy.com/Contact

CLICK HERE TO GET THE FOX NEWS APP

For more tech tips and security alerts, sign up for the free CyberGuy Report newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or tell us what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most frequently asked questions about CyberGuy:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.