The job market hasn’t been great in the last few years, especially in tech, leaving a lot of people actively looking for jobs. 

Scammers are taking advantage of this. They have come up with a new trick where they pretend to be recruiters to spread crypto miners on people’s devices. 

It starts with an email inviting the person to schedule an interview for a job. But when they click the link, it installs a malicious app that secretly mines cryptocurrency. This app hijacks your PC’s resources, like the CPU and GPU, which slows down its performance significantly.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

What you need to know

This malicious campaign begins with an email that tricks victims into thinking it is part of a recruitment process, as reported by Dark Reading. In most cases, these emails are pretending to be from recruiters at the cybersecurity company CrowdStrike.

The fraudulent email contains a link claiming to take the recipient to a site where they can schedule an interview. However, in reality, it redirects the victim to a malicious website that offers a download for a supposed “CRM application.”

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

The site provides download options for both Windows and macOS. Regardless of which option the victim selects, the download will be a Windows executable written in Rust. This executable then downloads the XMRig cryptominer.

The executable performs several environmental checks to analyze the device and avoid detection. It scans running processes, checks the CPU and more. If the device passes these checks, the executable will display a fake error message while secretly downloading additional payloads needed to run the XMRig miner.

HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

How does a cryptominer affect your PC?

A cryptomining app can significantly impact your PC’s performance. Once installed, it hijacks your computer’s resources, including the CPU and GPU, to secretly mine cryptocurrency. This process requires a lot of computational power, which can cause your system to slow down drastically. You might notice your computer becoming unresponsive, running hotter than usual, or consuming more power. 

In some cases, prolonged use of cryptominers can also lead to hardware damage due to the increased strain on your components. Additionally, these miners often run in the background without your knowledge, making it harder to detect the issue until the damage is already done.

CrowdStrike is aware of the scam and advises individuals to stay vigilant. “This campaign highlights the importance of vigilance against phishing scams, particularly those targeting job seekers. Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unsolicited files,“ the company said in a blog post. 

“Organizations can reduce the risk of such attacks by educating employees on phishing tactics, monitoring for suspicious network traffic and employing endpoint protection solutions to detect and block malicious activity.”

BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

5 ways to stay safe from job interview scams

1. Check if you applied for the job: If you receive an unsolicited interview invitation, think back to whether you actually applied for that job or company. Scammers often target jobseekers randomly, hoping someone takes the bait. If you didn’t apply, it’s likely a scam. Always confirm directly with the company before proceeding.

2. Verify recruiter credentials: Always double-check the recruiter’s details before responding to an email or clicking any links. Verify their email address, LinkedIn profile and company association. Legitimate companies will use official email domains, not free services like Gmail or Yahoo.

3. Avoid downloading unsolicited files: Be cautious of emails asking you to download any files or applications. Legitimate recruitment processes rarely require you to install software. If unsure, contact the company directly to confirm the request.

4. Inspect links before clicking: Hover over any links in the email to see their actual URL. Scammers often use URLs that mimic legitimate sites but have subtle differences. If a link looks suspicious, avoid clicking on it.

5. Use strong antivirus software: Use strong antivirus or endpoint protection software to detect and block malicious downloads. Regularly update your security tools to ensure they can handle new threats effectively.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

WHAT TO DO IF YOUR BANK ACCOUNT IS HACKED

Kurt’s key takeaway

Cybercriminals always manage to come up with new ways to exploit people. While this particular scam is more focused on using your computer’s resources than stealing data, it is still very dangerous. It shows that if a hacker can easily install software on your PC, they can also go ahead and steal your financial information and other personal data. Always verify the emails you receive, and try not to download anything you don’t trust.

Have you ever received a suspicious email that looked like a job offer? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.