Research finds impact of fake CVs and LinkedIn profiles on HR professionals.
Around 80 percent of HR professionals have experienced a cybersecurity incident in the past year.
According to research by KnowBe4, 82 percent said they have experienced an incident, but 40 percent say they lack a formal incident response plan to deal with a cyber threat.
“As a company, we issued a warning about this threat this year after we accidentally hired a fake North Korean employee,” said Javvad Malik, lead security awareness advocate at KnowBe4.
“This demonstrated how every organisation is susceptible. Ultimately, we want to see improved security awareness and advocate for all organisations to update the existing hiring processes to include more security processes to reduce the risk of falling victim. Hopefully, then we can see the exploitable gap diminish, making cybersecurity incidents fewer and further between.”
The research also found almost half (48 percent) of HR professionals have interacted with LinkedIn profiles that were later found to be fake.
“It is not unheard of for threat actors to embed malware, spyware or other harmful software into a fake resume when applying for a job application,” Malik said.
“If clicked by an unsuspecting member of the HR department, it can lead to phishing sites or initiate the download of harmful malware which can cripple the targeted organisation, steal sensitive information or exploit it financially.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
