This has been going on for a while
We're in the medical industry and we've seen a big uptick in virus deliveries, spam and infection attempts since November.
Nurses are among the groups most heavily targeted by email scammers because of the value of the data they can access, according to email security biz Proofpoint's Adenike Cosgrove. Cosgrove, an infosec strategist for Proofpoint, told The Register that not only are nurses and other frontline healthcare professionals at the top …
You might scoff, but before Christmas, I was on a regular visit to a relative who is in an NHS facility, and I listened with some amusement to care workers discussing Johnson et al - "well he is going to deliver 50,000 more nurses and 20,0000 more police, so I support him'. People do believe them and many of them vote.
"We blanket-train people into saying don't enable macros, don't open Word documents, yet HR professionals get emails they're not expecting every single day. Their job is to open them! So now you're telling me that I shouldn't do my job?"
Perhaps your job should be to require candidates to send CVs as plain text, Word documents will be deleted unread. Mail will be read as plain text so trying cute formatting with HTML will make it look like junk.
This may disadvantage those trying to make a poor CV look better with lots of window dressing. That in itself may be an advantage to your employer.
A number of businesses I have dealt with recently require you to submit your resume/CV through a web form often with an option to drag a document into it and let the site parse out everything for you. While this does present some surface area to attack, it is nowhere near as bad as the send email attachment route.
HR professionals too. Their job is to open those emails, open those Word documents. Their job is to enable the macros so they can read the CVs!"
Sorry, no, their job is to filter out anybody stupid enough to send a CV in a Word document and especially anybody clueless enough to send one with Macros!
Biting the hand that feeds IT © 1998–2020