Cybercriminal group TA505 is using business email compromise tactics to target a new group of victims – HR departments. The cybercriminal gang began sending phishing emails impersonating job applicants that contained Trojanized versions of curriculum vitae files. The files contained commercially available malware that allowed the attackers to disguise their movements, steal data and credentials and gave them the ability to encrypt data. The attacks that Prevailion examined targeted human resources departments at several German companies, but these techniques are easily transferable to victims in other parts of the world.”]
Source: https://www.cuinfosecurity.com/bec-campaign-targets-hr-departments-report-a-13997