Security Alert: It’s Not Us, Don’t Let It Be You
Mike Valerio Information Sec Analyst Airship
Impersonation attacks are on the rise: here’s what to know
Have you ever gotten those annoying calls that inform you that your car’s warranty is about to expire? The truth is, we all have (including the people who don’t even have cars). While this is still a very common occurrence, the bad actors behind these calls have now become more sophisticated in their tactics by impersonating recruiters promoting fake job listings.
Airship will never reach out to candidates to have job interviews via Discord, WhatsApp or any other unverified third-party communication platform. Airship leverages our website, LinkedIn and Indeed as hiring platforms and will only email candidates from the official Airship domain (airship.com).
As cyber security attacks become more sophisticated, it’s easy to get lost in all of the different ways that threat actors are trying to steal your data. Outside of complex attacks that affect infrastructure and workstation components, it’s important to keep in mind that the most common attack method is tied directly to human interaction — social engineering.
Social engineering involves the psychological manipulation of people in order to gain sensitive information from the victim. In most cases, victims are often coerced into doing something like revealing passwords, personal information such as social security numbers, passports, bank accounts, etc. Unfortunately, this attack method is the most popular as it accounted for nearly 75% of breaches in 2023 (Arctic Wolf, 7 Types of Social Engineering Attacks, October 30, 2023).
Now you are probably wondering, why is this so important that we’ve written a blog post about it? The answer is quite simple: we‘re trying to spread awareness about this specific type of social engineering attack, which Airship has recently been made aware of. In the last few weeks, bad actors have impersonated members of our HR department in attempts to convince candidates to apply or interview for fictitious Airship roles. The reported communication around these attacks involve messages coming from fabricated email accounts that aim to have users join job interviews over Discord. Examples of these fabricated email accounts include airshipcareers.us and gmail.com, which are not associated with Airship in any way, shape or form. Legitimate Airship emails will only come from our Airship domain (airship.com); for example, name@airship.com. In addition to this, people targeted by the threat actors report having convincing discussions with them that make it seem like a legitimate interview experience.
Once the threat actors feel that they have gained the trust of a person, they may also go so far as extending fake job offers. Red flags include asking candidates to immediately provide personal information and bank account details to “accept” the job offer. With all things considered, this is a unique social engineering attack that aims to impersonate Airship personnel in efforts to try and coerce people to share their personal information so it can be exploited.
The most effective way to stop these types of attacks is by spreading public awareness and confirming the proper communications channels Airship uses for security-related questions and concerns. The Airship Security team can be contacted directly via email at security@airship.com. When in doubt, reach out and always remember to think before you click or respond!
By the way, Airship is hiring! Our Careers page (https://www.airship.com/company/careers/) is where we will post all of Airship’s open roles, and where you can submit an application.
Subscribe for updates
If the form doesn't render correctly, kindly disable the ad blocker on your browser and refresh the page.